My apps simply have their own secure login pages so I don't have a best practice, but I'll help hash something out. I suppose my first question is. Are you using Facelets? My knee jerk solution to this would be to write a simple <my:loginForm> tag with Facelets that used a regular html form and an https action URI. The action URI can be backed by a servlet that would get everything sorted. When it's all said and done you end up being redirected to your app's home jsf page with a new secure session and populated identity.
Sure it would be nice if some nice jsf framework provider did all the work for you. Fortunately I don't think it's that much work and should fit the requirements. I'm sure Seam will eventually get there, they just need to step back and think about the problem. I think they've been burnt rushing into things in the past. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4039573#4039573 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4039573 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
