RE: Almost figured out how to satisfy container and managed bean login.
>> anyone know why? Without seeing your web.xml, I have no idea. >> it never reaches the j_security check servlet However, are you trying to do FORM based authentication? Then read this: http://java.sun.com/javaee/5/docs/tutorial/doc/bncbe.html#bncbq And here is an example: http://java.sun.com/javaee/5/docs/tutorial/doc/bncbx.html#bncca >> I have a double login requirement... If you are using container managed security, you can use "isUserInRole", no? Leo -Original Message- From: Yucca Nel [mailto:yucca...@live.co.za] Sent: Sunday, May 09, 2010 1:22 PM To: Tomcat Users List Subject: Almost figured out how to satisfy container and managed bean login. I have a double login requirement because I need some finer detals that tomcst's container authentication does not seem to provide. I need a way to atore username in business logic scope when logged in (mainly just the username) my current solution is not working as follows: I submit action to backing method which is coded in the jsf as follows in the login page: then in loginForm.java I have the method coded as follows to set my managed bean and hopefuly dispatch on continer needed login credentials. public String confirmCredentials() throws IOException, ServletException { UserSession userSession = (UserSession)FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get("userSession"); if (UserManagerBean.confirmLogin(username, password)) { UsersEntity user = UserManagerBean.findUser(username); userSession.setCurrentUser(user); return "home"; } FacesMessage message = new FacesMessage(); message.setSummary("Login Error"); message.setDetail("Unable to log you in -" + " username and password combination not found."); message.setSeverity(FacesMessage.SEVERITY_WARN); FacesContext.getCurrentInstance().addMessage(null,message); ExternalContext ectx = FacesContext.getCurrentInstance().getExternalContext(); HttpServletRequest request = (HttpServletRequest)ectx.getRequest(); HttpServletResponse response = (HttpServletResponse)ectx.getResponse(); RequestDispatcher dispatcher = request.getRequestDispatcher("j_security_check"); dispatcher.forward(request,response); return null; } it never reaches the j_security check servlet anyone know why? The method works fine when called from outside containers security context defined around the page request. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Almost figured out how to satisfy container and managed bean login.
On 09/05/2010 21:22, Yucca Nel wrote: > I have a double login requirement because I need some finer detals that > tomcst's container authentication does not seem to provide. > I need a way to atore username in business logic scope when logged in (mainly > just the username) my current solution is not working as follows: > > I submit action to backing method which is coded in the jsf as follows in the > login page: > > > > > > > > > > > > How does the form defined here, know which method to submit the date with (GET or POST) and to which URL (there's no action attribute)? p > > > style="color:yellow;"/> > value="#{loginForm.username}" > title="#{registerMsg.userNameTitle}"required="true"> > > > style="color:yellow;"/> > value="#{loginForm.password}" > title="#{registerMsg.passwordTitle}"required="true" > > > > > > > value="#{loginMsg.login}"style="color:#20b2aa;" /> > > > > then in loginForm.java I have the method coded as follows to set my managed > bean and hopefuly dispatch on continer needed login credentials. > > > public String confirmCredentials() throws IOException, ServletException { >UserSession userSession = > > (UserSession)FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get("userSession"); > > if (UserManagerBean.confirmLogin(username, password)) { > > UsersEntity user = UserManagerBean.findUser(username); > userSession.setCurrentUser(user); > return "home"; > } > FacesMessage message = new FacesMessage(); > message.setSummary("Login Error"); > message.setDetail("Unable to log you in -" >+ " username and password combination not found."); > message.setSeverity(FacesMessage.SEVERITY_WARN); > FacesContext.getCurrentInstance().addMessage(null,message); > ExternalContext ectx = > FacesContext.getCurrentInstance().getExternalContext(); > HttpServletRequest request = > (HttpServletRequest)ectx.getRequest(); > HttpServletResponse response = > (HttpServletResponse)ectx.getResponse(); > RequestDispatcher dispatcher = > request.getRequestDispatcher("j_security_check"); > dispatcher.forward(request,response); > return null; > } > > it never reaches the j_security check servlet > > anyone know why? > > The method works fine when called from outside containers security context > defined around the page request. > > > signature.asc Description: OpenPGP digital signature
Re: Almost figured out how to satisfy container and managed bean login.
Yucca Nel wrote: I have a double login requirement because I need some finer detals that tomcst's container authentication does not seem to provide. I need a way to atore username in business logic scope when logged in (mainly just the username) my current solution is not working as follows: I submit action to backing method which is coded in the jsf as follows in the login page: ... I know nothing of JSP. But in the examples supplied with Tomcat, I see that the login form uses