Menu
I'm developing a Java EE application (JSF2 + richfaces+ Facelets + Tomcat). What's the best way to perform authentication when using JSF? Or should I make my own ?
598
People usually pick between ( in no specific order) :
JAAS ( wich is Java/Java EE default security framework )
Spring Security
Custom Made Security
I never used Spring Security but the documentation is huge, i gave up trying that once because of time constraint. JAAS have the advantages of being simple and work out of the box with Tomcat.
I've seen custom security built on top of JAAS too.
What you really have to do is figure out what you will especifically need in your application and check wich frameworks suits your needs better.
Without knowing your business needs, if you only need Authentication (User login) i would say JAAS is the most simple way to go as is it not application intrusive and you wont need to add Spring dependencies if you are not already using it.
51
answered Apr 09 '26 08:04
Go for Spring Security
Here is how to integrate it with JSF
Edit:
http://ocpsoft.com/java/acegi-spring-security-jsf-login-page/
32
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
