Alin,
Please see [1]. I hope you find a solution that fits your needs.
[1] http://www.jsfcentral.com/listings/A92000?link
(When I click this link, I get a message from yahoo groups about
cookies, but if I then click the "try again" link, I see the article)
Regards,
Jeff Bischoff
Kenneth L K
Hi Jeff,
Can you give me some ideas about how you use phase listener for security? Or
give me a link for more details.
Thank you,
Alin.
> I tried to modify the jsp-examples/security/protected example from
> Tomcat to see if the same problem appears with plain jsp. It does not
> appear.
Hmm
> I tried to modify the jsp-examples/security/protected example from
> Tomcat to see if the same problem appears with plain jsp. It does not
> appear.
Hmm, interesting...
I'm afraid I can't speak to that myself, as we use a phase listener for
security.
Is anyone here using the built-in FORM s
Hi Jeff,
Thank you for your quick answer.
Let me tell you more details about my application.
So, I use Tomcat and as security I have configured the FORM method. The
security constraint just say that under /app/* there is a protected area and
only "user" and "admin" users are allowed. There are
Alin,
This sounds like a flaw in your application logic, not in JSF itself.
Your login method should return a String, which JSF will use to map to a
navigation rule. You can have as many possible outcomes from this method
as you wish, i.e. one string for login failure, one for regular users,
Hi,
I have an application that is using form based
authentication.
Suppose an user with many rights is logged in
and visiting a page (/app/page_for_admin.jsp) then s/he is clicking on
logout button. On the server the session is invalidated, then the
user is redirected to a page from restri
6 matches
Mail list logo
