On 09/05/2010 21:22, Yucca Nel wrote:
> I have a double login requirement because I need some finer detals that
> tomcst's container authentication does not seem to provide.
> I need a way to atore username in business logic scope when logged in (mainly
> just the username) my current solution is not working as follows:
>
> I submit action to backing method which is coded in the jsf as follows in the
> login page:
>
>
> <f:view>
> <body style="background-color:#7b68ee;margin:auto">
> <div align="center" id="header"><jsp:include page="/header.jsp"/></div>
> <div align="center">
> <div align="center" id="centred-content"style="border-width:3px;
> border-style: solid; border-color: #7fffd4;width:800px">
> <div id="h1" align="center">
> <h:outputText value="#{loginMsg.h1}..." style="color:white;
> font-family:fantasy;font-size:large;"/><br>
> <h:outputText value="#{loginMsg.h2}..." style="color:white;
> font-family:fantasy;font-size:large;"/></div>
> <div align="center">
> <h:form>
How does the form defined here, know which method to submit the date
with (GET or POST) and to which URL (there's no action attribute)?
p
> <h:panelGrid columns="2">
>
> <h:outputText value="#{registerMsg.userName}:"
> style="color:yellow;"/>
> <h:inputText id="j_username"
> value="#{loginForm.username}"
> title="#{registerMsg.userNameTitle}"required="true">
>
> <f:validateLength maximum="20" minimum="6"/>
> <h:outputText value="#{registerMsg.password}:"
> style="color:yellow;"/>
> <h:inputSecret id="j_passwword"
> value="#{loginForm.password}"
> title="#{registerMsg.passwordTitle}"required="true" >
>
> </h:inputSecret>
>
> </h:panelGrid>
>
> <h:commandButton action="#{loginForm.confirmCredentials}"
> value="#{loginMsg.login}"style="color:#20b2aa;" />
> <br>
> </h:form>
>
> then in loginForm.java I have the method coded as follows to set my managed
> bean and hopefuly dispatch on continer needed login credentials.
>
>
> public String confirmCredentials() throws IOException, ServletException {
> UserSession userSession =
>
> (UserSession)FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get("userSession");
>
> if (UserManagerBean.confirmLogin(username, password)) {
>
> UsersEntity user = UserManagerBean.findUser(username);
> userSession.setCurrentUser(user);
> return "home";
> }
> FacesMessage message = new FacesMessage();
> message.setSummary("Login Error");
> message.setDetail("Unable to log you in -"
> + " username and password combination not found.");
> message.setSeverity(FacesMessage.SEVERITY_WARN);
> FacesContext.getCurrentInstance().addMessage(null,message);
> ExternalContext ectx =
> FacesContext.getCurrentInstance().getExternalContext();
> HttpServletRequest request =
> (HttpServletRequest)ectx.getRequest();
> HttpServletResponse response =
> (HttpServletResponse)ectx.getResponse();
> RequestDispatcher dispatcher =
> request.getRequestDispatcher("j_security_check");
> dispatcher.forward(request,response);
> return null;
> }
>
> it never reaches the j_security check servlet
>
> anyone know why?
>
> The method works fine when called from outside containers security context
> defined around the page request.
>
>
>
signature.asc
Description: OpenPGP digital signature
