File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
Win a copy of Soft Skills: The software developer's life manual this week in the Jobs Discussion forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

JSF PhaseListener

 
adam bilyone
Greenhorn
Posts: 16
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I wanted to secure my jsf pages so that a user must login before navigating to any page except the login page, if the user is not login and attempt to navigate to a secure page, he will be redirected to the login page. I used the JSF PhaseListener, it secure the pages by not rendering the pages, but it doesn't direct the user to the login page, instead it shows the following error message.

XML Parsing Error: no element found
Location: http://localhost:8080/FarmRecords/faces/UserHome.xhtml
Line Number 1, Column 1:
^

The followings are my codes

AuthenticationPhaseListener.java

@Override
public void afterPhase(PhaseEvent event) {
FacesContext context = event.getFacesContext();

if (!userExists(context))
{
if (requestingSecureView(context))
{
context.responseComplete();
context.getApplication().
getNavigationHandler().handleNavigation(context, null, "login");
}
}
}

@Override
public void beforePhase(PhaseEvent event)
{
//Do nothing
}

@Override
public PhaseId getPhaseId()
{
return PhaseId.RESTORE_VIEW;
}


private boolean userExists(FacesContext context) {
ExternalContext extContext = context.getExternalContext();
return (extContext.getSessionMap().containsKey("user"));
}

private boolean requestingSecureView(FacesContext context) {
ExternalContext extContext = context.getExternalContext();
String path = extContext.getRequestPathInfo();
return (!"/index.xhtml".equals(path));
}


faces-config.xml

<faces-config version="2.1"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_2_1.xsd">

<lifecycle>
<phase-listener>
com.bilyone.jsf.authenticate.AuthenticationPhaseListener
</phase-listener>
</lifecycle>


</faces-config>


Thank you for your response.
 
adam bilyone
Greenhorn
Posts: 16
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I solved the problem using
externalContext.redirect(externalContext.getRequestPath()+"/faces/home.xhtml");
instead of using navigation handler.
 
Tim Holloway
Saloon Keeper
Pie
Posts: 17616
38
Android Eclipse IDE Linux
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Or, you could have skipped all the trouble by using the J2EE container security system that comes with every J2EE server and requires no coding/debugging/maintenance at all.

And, unlike a JSF PhaseListener, it will guard non-JSF resources such as ordinary (non-JSF) servlets and JSPs, as well as the CSS, JavaScript, and other such resources.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic