I searched for this in the forum but couldn't find anything...except others facing the same issue (in other forums)...
Here is the problem:
My website will get users directed from a gateway which already authenticated them (two factor etc..). Their authenticated ID will be in the HTTP header I get for each request...so far so good...
The first thing I want to do is instantiate a user object that stores their userID in the HTTP header. So, (in 'kinda' psuedo code), here is what I want to do:
if (!user.isauthenticated()) { - extract the authenticated ID from the http header. - store the ID in the user object. - user.setAuthenticated(true) - Display - "Welcome User" Page
}
But, as a newbie to JSF, I can't figure out how to execute a type of "page load" which calls this type of function on a bean without any user interaction.
I have thought of: - in a user constructor: but not sure how to link it. - index.jsp page which display's the userID using a user.getUserID() function and times out to another page?
They both look like hacks to me. I am sure many others must have come across this problem before - whats the trick please?
thanks!
[ January 13, 2006: Message edited by: jack catler ] [ January 13, 2006: Message edited by: jack catler ]
* Register your own phase listener * in Before Render Response phase: - Access the User bean using Variable Resolver - Check user is not authenticated yet - if so, -- take the data from the http request and set authentication to true -- set "Welcome Page" as a current viewId
As a newbie I will read on up this and give it a try. One quick question however, do you know how often the 'listener' would be called ? That is, is it called for every page/link for the particular application?
I guess in my case it would be OK to check on every page and check the user is authenticated before any action taken, is this the way it works?
If not how does one configure it for a particular page...?
Thanks to your tip and then this summary I found: http://jroller.com/page/cschalk?entry=getting_familiar_with_the_jsf
But, there is one problem..how to call an error page (say "autherror.jsp") from the PhaseListener more elegantly - and possibly display dynamic a message? At the moment I have resorted to calling 'getExternalContext().redirect("autherror.jsp")' - I suspect this is not recommended....?
// Example: First the listener critical code......
MyPhaseListener implements PhaseListener { ....
public void beforePhase(PhaseEvent pe) { // ...get the user object from the context..etc..here...
if ( !user.isAuthorized()) { user.authorize(); }
// if it gets here means we are authorized....I hope! ..... }
// Now the User bean critical code.. -----------------------------
I purchased the book Java Server Faces in Action and it had a couple paragraphs about this. Essentially you could create a new UIView object based on the name of the page you are trying to forward to and then tell the faces context to render that view instead. Something along the lines of:
Sergey, my question to you is about the phase listener. How do I make and register this phase listener? Do I just create a bean, call it MyPhaseListener. Make it implement PhaseListener, adds itself as a listener on the lifecycle and then make that bean a managed-bean in the faces-config file? In what scope? Session?
And then when the user accesses a page, say login.jsf, does that page have to have a component bound to something of the MyPhaseListener object so that it is instantiated and gets its BeforeRender method called at the appropriate time? If the user is already authenticated, it can then forward them to the main welcome page, else they will continue to the login page.
Thanks!!!
Post by:autobot
I am going to test your electrical conductivity with this tiny ad:
a bit of art, as a gift, the permaculture playing cards