Win a copy of Practical SVG this week in the HTML/CSS/JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

JSF Concepts - MVC,Unit Testing,Access URL

 
Mustafa Garhi
Ranch Hand
Posts: 111
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,

If anyone could clarify these:

1. Is JSF MVC framework or a variation of it ? How?
2. Unit testing becomes easier by JSF (mentioned in JSF in Action). How ?
3. I have my login.jsp in pages folder in my contextPath and i access it using http://localhost:port/contextPath/faces/pages/login.jsp with web.xml having /faces/* mapped to FacesServlet. Is it that FacesServlet considers the path after /faces/ (pages/login.jsp in my case) to reach the actual contents.

Thanks.
 
Tim Holloway
Bartender
Posts: 18419
60
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
1. There can be no 100% complete implementation of MVC in any web framework. MVC requires the ability for the Controller to make unsolicited updates to the View, and the HTTP protocol doesn't permit a server to send unsolicited data. However, JSF is about as close as you can get to MVC for the web.

2. A well-designed backing bean has little or not JSF-specific code in it. The ideal backing bean is a simple POJO and it invokes POJOs for the business layer underneath it. The advantage of POJOs in testing is that they don't require you to set up and launch a slow, complicated testing framework - all you normally need is JUnit.

3. faces/login.jsp is the correct location, but if you're attempting to use it in conjunction with container-based authentication you may have problems.

The container login system doesn't just redirect an unauthenticated user to the login page, it also shunts the original URL request aside so that it can resume it once you've logged in. The JSF framework appears to have trouble pushing aside the original JSF context and setting up a whole new one for logins, and it's not the only framework I've had problems with (Struts, for example). To avoid problems, I don't use JSF on my login pages - they're just simple JSP forms.

That isn't a popular approach if you're into bells'n whistles on your login page, but it does promote the idea that you take your security seriously, and, aside from the psychological effect, you don't end up with possible security issues stemming from the use of incidental functions on the login page itself.
 
Mustafa Garhi
Ranch Hand
Posts: 111
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks dude,

Will read more over the weekend and get back
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!