RE: Almost figured out how to satisfy container and managed bean login.
>> anyone know why?
Without seeing your web.xml, I have no idea.
>> it never reaches the j_security check servlet
However, are you trying to do FORM based authentication? Then read this:
http://java.sun.com/javaee/5/docs/tutorial/doc/bncbe.html#bncbq
And here is an example:
http://java.sun.com/javaee/5/docs/tutorial/doc/bncbx.html#bncca
>> I have a double login requirement...
If you are using container managed security, you can use "isUserInRole", no?
Leo
-Original Message-
From: Yucca Nel [mailto:yucca...@live.co.za]
Sent: Sunday, May 09, 2010 1:22 PM
To: Tomcat Users List
Subject: Almost figured out how to satisfy container and managed bean login.
I have a double login requirement because I need some finer detals that
tomcst's container authentication does not seem to provide.
I need a way to atore username in business logic scope when logged in (mainly
just the username) my current solution is not working as follows:
I submit action to backing method which is coded in the jsf as follows in the
login page:
then in loginForm.java I have the method coded as follows to set my managed
bean and hopefuly dispatch on continer needed login credentials.
public String confirmCredentials() throws IOException, ServletException {
UserSession userSession =
(UserSession)FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get("userSession");
if (UserManagerBean.confirmLogin(username, password)) {
UsersEntity user = UserManagerBean.findUser(username);
userSession.setCurrentUser(user);
return "home";
}
FacesMessage message = new FacesMessage();
message.setSummary("Login Error");
message.setDetail("Unable to log you in -"
+ " username and password combination not found.");
message.setSeverity(FacesMessage.SEVERITY_WARN);
FacesContext.getCurrentInstance().addMessage(null,message);
ExternalContext ectx =
FacesContext.getCurrentInstance().getExternalContext();
HttpServletRequest request =
(HttpServletRequest)ectx.getRequest();
HttpServletResponse response =
(HttpServletResponse)ectx.getResponse();
RequestDispatcher dispatcher =
request.getRequestDispatcher("j_security_check");
dispatcher.forward(request,response);
return null;
}
it never reaches the j_security check servlet
anyone know why?
The method works fine when called from outside containers security context
defined around the page request.
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Almost figured out how to satisfy container and managed bean login.
On 09/05/2010 21:22, Yucca Nel wrote:
> I have a double login requirement because I need some finer detals that
> tomcst's container authentication does not seem to provide.
> I need a way to atore username in business logic scope when logged in (mainly
> just the username) my current solution is not working as follows:
>
> I submit action to backing method which is coded in the jsf as follows in the
> login page:
>
>
>
>
>
>
>
>
>
>
>
>
How does the form defined here, know which method to submit the date
with (GET or POST) and to which URL (there's no action attribute)?
p
>
>
> style="color:yellow;"/>
> value="#{loginForm.username}"
> title="#{registerMsg.userNameTitle}"required="true">
>
>
> style="color:yellow;"/>
> value="#{loginForm.password}"
> title="#{registerMsg.passwordTitle}"required="true" >
>
>
>
>
>
> value="#{loginMsg.login}"style="color:#20b2aa;" />
>
>
>
> then in loginForm.java I have the method coded as follows to set my managed
> bean and hopefuly dispatch on continer needed login credentials.
>
>
> public String confirmCredentials() throws IOException, ServletException {
>UserSession userSession =
>
> (UserSession)FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get("userSession");
>
> if (UserManagerBean.confirmLogin(username, password)) {
>
> UsersEntity user = UserManagerBean.findUser(username);
> userSession.setCurrentUser(user);
> return "home";
> }
> FacesMessage message = new FacesMessage();
> message.setSummary("Login Error");
> message.setDetail("Unable to log you in -"
>+ " username and password combination not found.");
> message.setSeverity(FacesMessage.SEVERITY_WARN);
> FacesContext.getCurrentInstance().addMessage(null,message);
> ExternalContext ectx =
> FacesContext.getCurrentInstance().getExternalContext();
> HttpServletRequest request =
> (HttpServletRequest)ectx.getRequest();
> HttpServletResponse response =
> (HttpServletResponse)ectx.getResponse();
> RequestDispatcher dispatcher =
> request.getRequestDispatcher("j_security_check");
> dispatcher.forward(request,response);
> return null;
> }
>
> it never reaches the j_security check servlet
>
> anyone know why?
>
> The method works fine when called from outside containers security context
> defined around the page request.
>
>
>
signature.asc
Description: OpenPGP digital signature
Re: Almost figured out how to satisfy container and managed bean login.
Yucca Nel wrote: I have a double login requirement because I need some finer detals that tomcst's container authentication does not seem to provide. I need a way to atore username in business logic scope when logged in (mainly just the username) my current solution is not working as follows: I submit action to backing method which is coded in the jsf as follows in the login page: ... I know nothing of JSP. But in the examples supplied with Tomcat, I see that the login form uses
