Win a copy of TDD for a Shopping Website LiveProject this week in the Testing forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
  • Piet Souris
  • Himai Minh

Login error in JSF 1.2

Ranch Hand
Posts: 205
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have a requirement to develop and form based login module using JSF 1.2. However, I am unable to understand like how to specify the success page in the navigation case. Below code snippet would help in understanding the issue. I am using Tomcat server for development.

If I access any protected resource like myhome.faces, initially I am pointed to login.faces to enter username and password and once authenticated I will be landed to myhome.jsp page. However, in case I enter wrong credentials, since I pointed it again back to login.faces with error as query string, I am landed to same page displaying error message. Below us my login.jsp

When I enter invalid credentials on url (http://localhost:8080/sampleapps/login.faces), it is directed to below URL with error message.


Below are my questions. Please help me.
1. In case of error credentials, I am directed to http://localhost:8080/sampleapps/j_security_check with error message, again when entering correct credentials, I am directed back to login.faces and not to index.faces.
2. I am using JSF 1.2. how can I direct to success page or failure page in this scenario as it is done in springs/struts.

Saloon Keeper
Posts: 25461
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
When you use the J2EE Container-Managed security subsystem, you do not "Develop a login module". The "login module" is an integral part of the web application server. There are No User Servicable Parts inside. That is a large part of why it is so secure.

There isn't much point in attempting to write the login or loginfail pages in JSF, because of this. In many cases, the web application server cannot properly manage login or welcome pages in JSF in any event, since those pages do not have an actual external URL (j_security_check, for example, does not target a resource, it simply maintains the login conversation). And more critically, the webapp server (container) may not support routing such requests through the FacesServlet. Container-dispatched web pages work best when they are straight HTML or simple JSP.

Login in the J2EE security system does not support a post-login page, and I'm actually glad it does not, since a lot of times I bookmark critical URLs and I have no patience with navigating a lot of useless stuff if what I want is located at a specific bookmarkable URL. The J2EE container system will intercept requests to those URLs, and present a login screen if I am not already logged in, then proceed to send me directly to the page I want.
Heroic work plunger man. Please allow me to introduce you to this tiny ad:
Free, earth friendly heat - from the CodeRanch trailboss
    Bookmark Topic Watch Topic
  • New Topic