Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

User login with JSF 2.0 [duplicate]

Tags:

java

authentication

jsf

jakarta-ee

jsf-2

I am trying - with JSF 2.0 - to implement in a neat way the login/remember me/logout management. Since the traditional <form action="j_security_check" ... way lacks of flexibility I decided to follow a different path, but I found a problem.

Declarative security is properly set both in the application server through <security-domain> and in web.xml through <security-constraint>, <login-config> and <form-login-page>.

The login page:

<h:form id="loginForm"> 
    <h:panelGrid columns="2" cellspacing="5">
        <h:outputText value="Username" />
        <h:inputText value="#{loginBean.username}" />
        <h:outputText value="Password:" />
        <h:inputText value="#{loginBean.password}" />
        <h:outputLabel value=""/>
        <h:commandButton value="Login" action="#{loginBean.login}" />
    </h:panelGrid>      
</h:form>

And the simple LoginBean#login():

public String login( )
{
    HttpServletRequest request = (HttpServletRequest)FacesContext.getCurrentInstance( ).getExternalContext( ).getRequest( );        
    try {
        request.login( username, password );
    }
    catch ( ServletException e ) {
        FacesContext.getCurrentInstance().addMessage( "Unknown login...
        return null;
    }       
    return "i_dont_know_where_you_were_going";
}

Everything works fine, but after a successful login I don't know how to forward the user to its original request. Since the login page is automatically interposed between the client request and "any" secured resource I need a way to understand where to redirect the action. request.getRequestURL( ) doesn't help, probably because of a RequestDispatcher#forward() (which overwrites the request url) intervention. Do you think this is an appropriate way to manage the login process? If so, any hint about the problem?

Thanks a lot!

like image 770
Fabio Avatar asked Jan 18 '23 08:01

Fabio

1 Answers

Add something like the following line to your login view. It stores the requested page during the login.

<f:param name="redirect" value="#{requestScope['javax.servlet.forward.request_uri']}" />

Then get the requested uri in your login bean.

FacesContext context = FacesContext.getCurrentInstance();
String redirect = context.getExternalContext().getRequestParameterMap().get("redirect");

Add ?faces-redirect=true to the string and return it.

like image 98
Robin Avatar answered Jan 28 '23 12:01

Robin
Sign in to Comment

Related questions

Tomcat or JBoss server for a Java EE application?
no GroupLayout in NetBeans 7, what's wrong?
sbt is using "default" project instead of creating a new one
Storing large decimal numbers in Java
HttpClient: disabling chunked encoding
Hibernate Second-Level Cache: Does get use it?
Bit twiddling for Java or Scala programmers
subscribing to an event bus
How to add global action event listener?
Is it bad practice to use `this` in Java? [closed]
Can JSON Object Attribute Names Be Integers?
Java regex validating special chars
Spring ORM with C3P0 or DBCP is leaking connections
Fortran GOTOs in java
How do I get all the attachments from a .nsf(lotus notes) file using java
JPype doesn't work inside thread?
Does an Anonymous Class Keep External References Alive?
re-initialize the static variables of a class to their original values java
Generating a Jar in Eclipse including external library
Java: what is the overhead of using ConcurrentSkipList* when no concurrency is needed?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!