• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • Rob Spoor
  • Bear Bibeault
Saloon Keepers:
  • Jesse Silverman
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • Al Hobbs
  • salvin francis

SSO Login:How to redirect to login page

 
Ranch Hand
Posts: 56
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have write a SSO class for Single Sign on But i am getting one issue i am using JSF2 for my web application...here is my SSO class


As you can see i have write below line



It mean if User null it will redirect to Login page but it is not working Can any one tell me how to solve the issue i am end up with

An error has occurred.

For detailed error information, please see the HTML source code, and contact the forum Administrator.

Error while executing SSO actions: java.lang.NullPointerException

 
Saloon Keeper
Posts: 24564
168
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you have written your own login manage I cannot help you. Too much would depend on how you designed it. And, for the record, user-designed login managers have a near-100% record of being insecure, whether SSO or no.

If you are using the J2EE standard container-managed security sytem, logins are handled by the web application server, not by the web application. In that case, incoming URLs are scanned against the security patterns defined in the webapp's web.xml file, and if there's a match requiring a logged-in user, the seccurity manager steps in.

The first thing that the security manager does is determine whether the user is already logged in. If so, then it proceeds to check the user's assigned security roles against the roles allowed to make that URL request. Otherwise, the original URL request is placed on hold and the container displays the login page, accepts input from it, and validates the user's credentials. If they fail, the loginfail page is displayed. Otherwise the original URL request is pulled off hold, the security roles are checked, and - if the roles are acceptable - the request gets passed to the application for it to process.

There's really no difference between SSO and non-SSO security using the container security system other than that the container is configured to use an SSO security provider, such as CAS.
 
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic