I am new to JSF and want to create the login part of an app. I have a login page where I validate logins against a database. That is fine, but I can not figure out the logic in the following part. A legal user should be redirected to her own profile page and non legal users to a common error page. How do I "transport" the identity from the login to the profile page. All the info I need for a profile page i can get from the database so I kind of want to transport a bean from the login to create a user dependent view. I have looked at tutorials online but could not find examples except for the even simpler example where there is no use of user identity and eg.password and username is simply matched against hard coded values. I think there is some underlying "idea" I don't get because this should ne simple, right ?
Asked
Active
Viewed 515 times
0
-
Use search please: http://stackoverflow.com/questions/2206911/best-way-for-user-authentication-on-javaee-6-using-jsf-2-0 – Konstantin Milyutin Sep 29 '11 at 22:02
-
That question is about recommended best practices with respect to security for loging in and is at another level. I am just beginner trying to understand the logic of how to do things as simple as possible. – George P Sep 29 '11 at 22:22
-
It describes also the simplest way in my opinion: login is already provided, you just need to tell where your users and passwords are stored, the system will show login page and check if user is legal – Konstantin Milyutin Sep 29 '11 at 22:24
1 Answers
1
Put it in a session scoped managed bean. Here's a basic kickoff example:
@ManagedBean
@SessionScoped
public class ActiveUser {
private User user = new User();
@EJB
private UserService userService;
public String login() {
User found = userService.find(user);
if (found == null) {
setGlobalMessage("Invalid login, try again");
return null;
} else {
user = found;
return "userprofile";
}
}
public void isLoggedIn() {
return user.getId() != null;
}
// ...
}
You can intercept on its presence in a filter.
