so my problem is also,
my user name and password is saved in db.
thze following links gave me no solution for
1. handle that j_security_check match it with the db data
2. if i want to encrypt password first and compare it with value in db
but generally, how i can use container managed security with a db
with duncan mills i know how how i react with j_security_check, but not where
j_security_check gets its data for match
all new stuff for me...
does anyone has any example for compining db with j_security_check
actually i do it like in mailreader:
// find customer
Customers customer = customersFacade.findByEmail(email);
// one already in db and password match
if ((customer != null) &&
(customer.getPassword().equals(password))) {
sessionFacade.setLoginMode("customer");
sessionFacade.setCustomer(customer);
return true;
}
return false;
2006/9/28, Kito D. Mann <[EMAIL PROTECTED]>:
My suggestion is to avoid container-managed security until the servlet spec
fixes it :-). Since there's no standard programmatic support for integrating
with the container inside of an action method, you're SOL if you want to use
JSF components to submit the login fields to the container, unless you use
proprietary features of the container.
If you must use container-managed security, you can either avoid using JSF
components to submit to j_security_check, or use a work-around such as the
one described by Duncan Mills
(http://groundside.com/blog/DuncanMills.php?title=j2ee_security_a_jsf_based_
login_form&more=1&c=1&tb=1&pb=1) or in the Sun JSF forums
(http://forum.java.sun.com/thread.jspa?threadID=594623&messageID=3145562).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Kito D. Mann ([EMAIL PROTECTED])
Author, JavaServer Faces in Action
http://www.virtua.com - JSF/Java EE consulting, training, and mentoring
http://www.JSFCentral.com - JavaServer Faces FAQ, news, and info
> -----Original Message-----
> From: stephan opitz [mailto:[EMAIL PROTECTED]
> Sent: Thursday, September 28, 2006 12:39 PM
> To: user@shale.apache.org
> Subject: shale and j_security_check ... and mailreader xmldb
> or later rdbms
>
> as i saw the j_security_check with the severside security
> login needs to submit to
>
> j_security_check
>
> with the values
>
> j_username
> j_password
>
> i tried it with the mailreader app, but without success...
>
> in mailreader the logon method in the logon backing bean is
> called so i dont know is it possible to set a
> j_security_check after logged in into mailreader
>
> any shale strategies with this case
>
> using security mechanism of tomcat or jboss is a difficult
> and there exist no real how to, so maybe anyone here has ideas?
>
