• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Paul Clapham
  • Tim Cooke
  • Ron McLeod
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Devaka Cooray
  • Junilu Lacar
Saloon Keepers:
  • Tim Holloway
  • Carey Brown
  • Stephan van Hulst
  • Peter Rooke
  • Mikalai Zaikin
  • Himai Minh

SSO Login:How to redirect to login page

Ranch Hand
Posts: 56
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have write a SSO class for Single Sign on But i am getting one issue i am using JSF2 for my web application...here is my SSO class

As you can see i have write below line

It mean if User null it will redirect to Login page but it is not working Can any one tell me how to solve the issue i am end up with

An error has occurred.

For detailed error information, please see the HTML source code, and contact the forum Administrator.

Error while executing SSO actions: java.lang.NullPointerException

Saloon Keeper
Posts: 26877
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you have written your own login manage I cannot help you. Too much would depend on how you designed it. And, for the record, user-designed login managers have a near-100% record of being insecure, whether SSO or no.

If you are using the J2EE standard container-managed security sytem, logins are handled by the web application server, not by the web application. In that case, incoming URLs are scanned against the security patterns defined in the webapp's web.xml file, and if there's a match requiring a logged-in user, the seccurity manager steps in.

The first thing that the security manager does is determine whether the user is already logged in. If so, then it proceeds to check the user's assigned security roles against the roles allowed to make that URL request. Otherwise, the original URL request is placed on hold and the container displays the login page, accepts input from it, and validates the user's credentials. If they fail, the loginfail page is displayed. Otherwise the original URL request is pulled off hold, the security roles are checked, and - if the roles are acceptable - the request gets passed to the application for it to process.

There's really no difference between SSO and non-SSO security using the container security system other than that the container is configured to use an SSO security provider, such as CAS.
Can't .... do .... plaid .... So I did this tiny ad instead:
Master Gardener Program
    Bookmark Topic Watch Topic
  • New Topic