aspose file tools*
The moose likes JSF and the fly likes Login error in JSF 1.2 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » JSF
Bookmark "Login error in JSF 1.2" Watch "Login error in JSF 1.2" New topic
Author

Login error in JSF 1.2

Eshwar Prasad
Ranch Hand

Joined: Mar 21, 2008
Posts: 202
I have a requirement to develop and form based login module using JSF 1.2. However, I am unable to understand like how to specify the success page in the navigation case. Below code snippet would help in understanding the issue. I am using Tomcat server for development.



If I access any protected resource like myhome.faces, initially I am pointed to login.faces to enter username and password and once authenticated I will be landed to myhome.jsp page. However, in case I enter wrong credentials, since I pointed it again back to login.faces with error as query string, I am landed to same page displaying error message. Below us my login.jsp



When I enter invalid credentials on url (http://localhost:8080/sampleapps/login.faces), it is directed to below URL with error message.

http://localhost:8080/sampleapps/j_security_check

Below are my questions. Please help me.
1. In case of error credentials, I am directed to http://localhost:8080/sampleapps/j_security_check with error message, again when entering correct credentials, I am directed back to login.faces and not to index.faces.
2. I am using JSF 1.2. how can I direct to success page or failure page in this scenario as it is done in springs/struts.

Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16145
    
  21

When you use the J2EE Container-Managed security subsystem, you do not "Develop a login module". The "login module" is an integral part of the web application server. There are No User Servicable Parts inside. That is a large part of why it is so secure.

There isn't much point in attempting to write the login or loginfail pages in JSF, because of this. In many cases, the web application server cannot properly manage login or welcome pages in JSF in any event, since those pages do not have an actual external URL (j_security_check, for example, does not target a resource, it simply maintains the login conversation). And more critically, the webapp server (container) may not support routing such requests through the FacesServlet. Container-dispatched web pages work best when they are straight HTML or simple JSP.

Login in the J2EE security system does not support a post-login page, and I'm actually glad it does not, since a lot of times I bookmark critical URLs and I have no patience with navigating a lot of useless stuff if what I want is located at a specific bookmarkable URL. The J2EE container system will intercept requests to those URLs, and present a login screen if I am not already logged in, then proceed to send me directly to the page I want.


Customer surveys are for companies who didn't pay proper attention to begin with.
 
wood burning stoves
 
subject: Login error in JSF 1.2