You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@myfaces.apache.org by "tszpinda@gmail.com" <ts...@gmail.com> on 2006/12/07 00:02:34 UTC
Passing passwd & login
Hi,
I'm wondering what solution for that you got boys:
- how should I pass the password and the user login through
beans, as I need both of them to retrieve data form database.
Is good enough to have loginBean.java and then on each bean which
needs connect to db do something like:
FacesContext context = FacesContext.getCurrentInstance();
ValueBinding vb =
context.getApplication().createValueBinding("#{loginBean}");
u = ((UserBean) vb.getValue(context));
userName = u.getLoginName();
passwd = u.getPasswd();
Or better solution will be put user and password to the session like:
FacesContext fc = FacesContext.getCurrentInstance();
HttpSession session = (HttpSession)
fc.getExternalContext().getSession(false);
session.setAttribute("USER", loginName);
and then retrieve it when necessery:
HttpSession session = (HttpSession)
context.getExternalContext().getSession(false);
session.getAttribute("USER");
Thanks for any suggestion!
Tomek
Re: Passing passwd & login
Posted by Cagatay Civici <ca...@gmail.com>.
Hi,
I'll also prefer a J2EE security model over a login bean.
For page authorization you may take a look at new SecurityContext.
http://wiki.apache.org/myfaces/SecurityContext
Regards,
Cagatay
On 12/7/06, ::SammyRulez:: <sa...@gmail.com> wrote:
>
> I use standard j2ee security model. on tomcat jsbce realms works fine
>
> when you want to know the username just
>
> FacesContext.getCurrentInstance
> ().getExternalContext().getUserPrincipal().getName()
>
> and tomahawk components has a lot of visibleOnUserRole attribute that
> allows you to forgot about permissions in your business code...
>
> 2006/12/7, tszpinda@gmail.com <ts...@gmail.com>:
> > Hi,
> > I'm wondering what solution for that you got boys:
> > - how should I pass the password and the user login through
> > beans, as I need both of them to retrieve data form database.
> >
> > Is good enough to have loginBean.java and then on each bean which
> > needs connect to db do something like:
> > FacesContext context = FacesContext.getCurrentInstance();
> > ValueBinding vb =
> > context.getApplication().createValueBinding("#{loginBean}");
> >
> > u = ((UserBean) vb.getValue(context));
> > userName = u.getLoginName();
> > passwd = u.getPasswd();
> >
> > Or better solution will be put user and password to the session
> like:
> > FacesContext fc = FacesContext.getCurrentInstance();
> > HttpSession session = (HttpSession)
> > fc.getExternalContext().getSession(false);
> > session.setAttribute("USER", loginName);
> > and then retrieve it when necessery:
> > HttpSession session = (HttpSession)
> > context.getExternalContext().getSession(false);
> > session.getAttribute("USER");
> >
> > Thanks for any suggestion!
> >
> > Tomek
> >
>
>
> --
> ::SammyRulez::
> http://www.kyub.com/blog/
> -----------------------------------------------------------------
> La programmazione è per un terzo interpretazione e per due terzi
> ispirazione.
> E per un terzo mistificazione
>
Re: Passing passwd & login
Posted by "::SammyRulez::" <sa...@gmail.com>.
I use standard j2ee security model. on tomcat jsbce realms works fine
when you want to know the username just
FacesContext.getCurrentInstance().getExternalContext().getUserPrincipal().getName()
and tomahawk components has a lot of visibleOnUserRole attribute that
allows you to forgot about permissions in your business code...
2006/12/7, tszpinda@gmail.com <ts...@gmail.com>:
> Hi,
> I'm wondering what solution for that you got boys:
> - how should I pass the password and the user login through
> beans, as I need both of them to retrieve data form database.
>
> Is good enough to have loginBean.java and then on each bean which
> needs connect to db do something like:
> FacesContext context = FacesContext.getCurrentInstance();
> ValueBinding vb =
> context.getApplication().createValueBinding("#{loginBean}");
>
> u = ((UserBean) vb.getValue(context));
> userName = u.getLoginName();
> passwd = u.getPasswd();
>
> Or better solution will be put user and password to the session like:
> FacesContext fc = FacesContext.getCurrentInstance();
> HttpSession session = (HttpSession)
> fc.getExternalContext().getSession(false);
> session.setAttribute("USER", loginName);
> and then retrieve it when necessery:
> HttpSession session = (HttpSession)
> context.getExternalContext().getSession(false);
> session.getAttribute("USER");
>
> Thanks for any suggestion!
>
> Tomek
>
--
::SammyRulez::
http://www.kyub.com/blog/
-----------------------------------------------------------------
La programmazione è per un terzo interpretazione e per due terzi ispirazione.
E per un terzo mistificazione
Re: Passing passwd & login
Posted by Jeff Bischoff <jb...@klkurz.com>.
Mike Kienenberger wrote:
> On 12/7/06, Jeff Bischoff <jb...@klkurz.com> wrote:
>> So I would say it's another option, but not always better. Feel free to
>> educate me on why you disagree.
>
> No, that's a fair comment, and I thought of the same limitation after
> I posted the message. It's another option in many cases. I won't
> argue about the subjective "better" part (although unit testing
> dependency injection comes to mind).
>
Testing? Wait, we're supposed to be doing testing!?! Uh oh...
;)
Re: Passing passwd & login
Posted by Mike Kienenberger <mk...@gmail.com>.
Responses to both Jeff and Tomek below.
On 12/7/06, tszpinda@gmail.com <ts...@gmail.com> wrote:
> Actually I don't know how to do it, could please you send me some
> example, or some links?
<managed-bean>
<managed-bean-name>yourBean</managed-bean-name>
<managed-bean-class>yourpackage.yourbean</managed-bean-class>
<managed-bean-scope>request</managed-bean-scope>
[...]
<managed-property>
<property-name>loginBean</property-name>
<value>#{loginBean}</value>
</managed-property>
[...]
</managed-bean>
On 12/7/06, Jeff Bischoff <jb...@klkurz.com> wrote:
> Mike Kienenberger wrote:
> > Better yet would be to set loginBean as a managed property for any
> > beans that use it. Then you don't need to write any code.
>
> This won't work in all cases (e.g. A session bean looking up a request
> bean). Also, some of us prefer not to managed dependencies between java
> classes in XML. :)
>
> So I would say it's another option, but not always better. Feel free to
> educate me on why you disagree.
No, that's a fair comment, and I thought of the same limitation after
I posted the message. It's another option in many cases. I won't
argue about the subjective "better" part (although unit testing
dependency injection comes to mind).
Re: Passing passwd & login
Posted by Jeff Bischoff <jb...@klkurz.com>.
Mike Kienenberger wrote:
> Better yet would be to set loginBean as a managed property for any
> beans that use it. Then you don't need to write any code.
>
Mike,
This won't work in all cases (e.g. A session bean looking up a request
bean). Also, some of us prefer not to managed dependencies between java
classes in XML. :)
So I would say it's another option, but not always better. Feel free to
educate me on why you disagree.
Regards,
Jeff Bischoff
Kenneth L Kurz & Associates, Inc.
> On 12/7/06, tszpinda@gmail.com <ts...@gmail.com> wrote:
>> I see, thats pretty good idea, will do like you wrote, I'm quite lazy in
>> repeating the code, so that solution is for me :)
>>
>> Thanks everyone for help :)
>>
>> Tomek
>>
>> Jeff Bischoff wrote:
>> > Tomek,
>> >
>> > > session.setAttribute("USER", loginName);
>> >
>> > You shouldn't need to do direct session/request manipulation as long
>> > as you have a facescontext.
>> >
>> > I also don't like including all this FacesContext/ValueBinding code in
>> > every managed bean. Too much clutter.
>> >
>> > Better is a utility class that performs such lookups between managed
>> > beans:
>> >
>> > public class WebLookup {
>> >
>> > /**
>> > * Look up a managed bean by JSP-EL value-binding expression
>> > * @param ref a value-binding expression to lookup
>> > * @return the managed bean referenced by the expression
>> > */
>> > public static Object getManagedBean(String ref) {
>> > // Find or create the web-tier data object
>> > // ref like "#{loginBean}"
>> > // would return the LoginBean
>> > FacesContext context = FacesContext.getCurrentInstance();
>> > ValueBinding binding =
>> > context.getApplication().createValueBinding(ref);
>> > return binding.getValue(context);
>> > }
>> >
>> > public static LoginBean getLoginBean() {
>> > return (LoginBean )getManagedBean("#{loginBean}");
>> > }
>> >
>> > ...
>> >
>> > }
>> >
>> > Regards,
>> >
>> > Jeff Bischoff
>> > Kenneth L Kurz & Associates, Inc.
>> >
>> > tszpinda@gmail.com wrote:
>> >> Hi,
>> >> I'm wondering what solution for that you got boys:
>> >> - how should I pass the password and the user login through
>> >> beans, as I need both of them to retrieve data form database.
>> >>
>> >> Is good enough to have loginBean.java and then on each bean which
>> >> needs connect to db do something like:
>> >> FacesContext context = FacesContext.getCurrentInstance();
>> >> ValueBinding vb =
>> >> context.getApplication().createValueBinding("#{loginBean}");
>> >>
>> >> u = ((UserBean) vb.getValue(context));
>> >> userName = u.getLoginName();
>> >> passwd = u.getPasswd();
>> >> Or better solution will be put user and password to the session
>> >> like:
>> >> FacesContext fc = FacesContext.getCurrentInstance();
>> >> HttpSession session = (HttpSession)
>> >> fc.getExternalContext().getSession(false);
>> >> session.setAttribute("USER", loginName);
>> >> and then retrieve it when necessery:
>> >> HttpSession session = (HttpSession)
>> >> context.getExternalContext().getSession(false);
>> >> session.getAttribute("USER");
>> >>
>> >> Thanks for any suggestion!
>> >>
>> >> Tomek
>> >>
>> >>
>> >>
>> >
>> >
>> >
>>
>>
>
>
>
Re: Passing passwd & login
Posted by "tszpinda@gmail.com" <ts...@gmail.com>.
Actually I don't know how to do it, could please you send me some
example, or some links?
Thanks
Tomek
Mike Kienenberger wrote:
> Better yet would be to set loginBean as a managed property for any
> beans that use it. Then you don't need to write any code.
>
> On 12/7/06, tszpinda@gmail.com <ts...@gmail.com> wrote:
>> I see, thats pretty good idea, will do like you wrote, I'm quite lazy in
>> repeating the code, so that solution is for me :)
>>
>> Thanks everyone for help :)
>>
>> Tomek
>>
>> Jeff Bischoff wrote:
>> > Tomek,
>> >
>> > > session.setAttribute("USER", loginName);
>> >
>> > You shouldn't need to do direct session/request manipulation as long
>> > as you have a facescontext.
>> >
>> > I also don't like including all this FacesContext/ValueBinding code in
>> > every managed bean. Too much clutter.
>> >
>> > Better is a utility class that performs such lookups between managed
>> > beans:
>> >
>> > public class WebLookup {
>> >
>> > /**
>> > * Look up a managed bean by JSP-EL value-binding expression
>> > * @param ref a value-binding expression to lookup
>> > * @return the managed bean referenced by the expression
>> > */
>> > public static Object getManagedBean(String ref) {
>> > // Find or create the web-tier data object
>> > // ref like "#{loginBean}"
>> > // would return the LoginBean
>> > FacesContext context = FacesContext.getCurrentInstance();
>> > ValueBinding binding =
>> > context.getApplication().createValueBinding(ref);
>> > return binding.getValue(context);
>> > }
>> >
>> > public static LoginBean getLoginBean() {
>> > return (LoginBean )getManagedBean("#{loginBean}");
>> > }
>> >
>> > ...
>> >
>> > }
>> >
>> > Regards,
>> >
>> > Jeff Bischoff
>> > Kenneth L Kurz & Associates, Inc.
>> >
>> > tszpinda@gmail.com wrote:
>> >> Hi,
>> >> I'm wondering what solution for that you got boys:
>> >> - how should I pass the password and the user login through
>> >> beans, as I need both of them to retrieve data form database.
>> >>
>> >> Is good enough to have loginBean.java and then on each bean which
>> >> needs connect to db do something like:
>> >> FacesContext context = FacesContext.getCurrentInstance();
>> >> ValueBinding vb =
>> >> context.getApplication().createValueBinding("#{loginBean}");
>> >>
>> >> u = ((UserBean) vb.getValue(context));
>> >> userName = u.getLoginName();
>> >> passwd = u.getPasswd();
>> >> Or better solution will be put user and password to the session
>> >> like:
>> >> FacesContext fc = FacesContext.getCurrentInstance();
>> >> HttpSession session = (HttpSession)
>> >> fc.getExternalContext().getSession(false);
>> >> session.setAttribute("USER", loginName);
>> >> and then retrieve it when necessery:
>> >> HttpSession session = (HttpSession)
>> >> context.getExternalContext().getSession(false);
>> >> session.getAttribute("USER");
>> >>
>> >> Thanks for any suggestion!
>> >>
>> >> Tomek
>> >>
>> >>
>> >>
>> >
>> >
>> >
>>
>>
>
Re: Passing passwd & login
Posted by Mike Kienenberger <mk...@gmail.com>.
Better yet would be to set loginBean as a managed property for any
beans that use it. Then you don't need to write any code.
On 12/7/06, tszpinda@gmail.com <ts...@gmail.com> wrote:
> I see, thats pretty good idea, will do like you wrote, I'm quite lazy in
> repeating the code, so that solution is for me :)
>
> Thanks everyone for help :)
>
> Tomek
>
> Jeff Bischoff wrote:
> > Tomek,
> >
> > > session.setAttribute("USER", loginName);
> >
> > You shouldn't need to do direct session/request manipulation as long
> > as you have a facescontext.
> >
> > I also don't like including all this FacesContext/ValueBinding code in
> > every managed bean. Too much clutter.
> >
> > Better is a utility class that performs such lookups between managed
> > beans:
> >
> > public class WebLookup {
> >
> > /**
> > * Look up a managed bean by JSP-EL value-binding expression
> > * @param ref a value-binding expression to lookup
> > * @return the managed bean referenced by the expression
> > */
> > public static Object getManagedBean(String ref) {
> > // Find or create the web-tier data object
> > // ref like "#{loginBean}"
> > // would return the LoginBean
> > FacesContext context = FacesContext.getCurrentInstance();
> > ValueBinding binding =
> > context.getApplication().createValueBinding(ref);
> > return binding.getValue(context);
> > }
> >
> > public static LoginBean getLoginBean() {
> > return (LoginBean )getManagedBean("#{loginBean}");
> > }
> >
> > ...
> >
> > }
> >
> > Regards,
> >
> > Jeff Bischoff
> > Kenneth L Kurz & Associates, Inc.
> >
> > tszpinda@gmail.com wrote:
> >> Hi,
> >> I'm wondering what solution for that you got boys:
> >> - how should I pass the password and the user login through
> >> beans, as I need both of them to retrieve data form database.
> >>
> >> Is good enough to have loginBean.java and then on each bean which
> >> needs connect to db do something like:
> >> FacesContext context = FacesContext.getCurrentInstance();
> >> ValueBinding vb =
> >> context.getApplication().createValueBinding("#{loginBean}");
> >>
> >> u = ((UserBean) vb.getValue(context));
> >> userName = u.getLoginName();
> >> passwd = u.getPasswd();
> >> Or better solution will be put user and password to the session
> >> like:
> >> FacesContext fc = FacesContext.getCurrentInstance();
> >> HttpSession session = (HttpSession)
> >> fc.getExternalContext().getSession(false);
> >> session.setAttribute("USER", loginName);
> >> and then retrieve it when necessery:
> >> HttpSession session = (HttpSession)
> >> context.getExternalContext().getSession(false);
> >> session.getAttribute("USER");
> >>
> >> Thanks for any suggestion!
> >>
> >> Tomek
> >>
> >>
> >>
> >
> >
> >
>
>
Re: Passing passwd & login
Posted by "tszpinda@gmail.com" <ts...@gmail.com>.
I see, thats pretty good idea, will do like you wrote, I'm quite lazy in
repeating the code, so that solution is for me :)
Thanks everyone for help :)
Tomek
Jeff Bischoff wrote:
> Tomek,
>
> > session.setAttribute("USER", loginName);
>
> You shouldn't need to do direct session/request manipulation as long
> as you have a facescontext.
>
> I also don't like including all this FacesContext/ValueBinding code in
> every managed bean. Too much clutter.
>
> Better is a utility class that performs such lookups between managed
> beans:
>
> public class WebLookup {
>
> /**
> * Look up a managed bean by JSP-EL value-binding expression
> * @param ref a value-binding expression to lookup
> * @return the managed bean referenced by the expression
> */
> public static Object getManagedBean(String ref) {
> // Find or create the web-tier data object
> // ref like "#{loginBean}"
> // would return the LoginBean
> FacesContext context = FacesContext.getCurrentInstance();
> ValueBinding binding =
> context.getApplication().createValueBinding(ref);
> return binding.getValue(context);
> }
>
> public static LoginBean getLoginBean() {
> return (LoginBean )getManagedBean("#{loginBean}");
> }
>
> ...
>
> }
>
> Regards,
>
> Jeff Bischoff
> Kenneth L Kurz & Associates, Inc.
>
> tszpinda@gmail.com wrote:
>> Hi,
>> I'm wondering what solution for that you got boys:
>> - how should I pass the password and the user login through
>> beans, as I need both of them to retrieve data form database.
>>
>> Is good enough to have loginBean.java and then on each bean which
>> needs connect to db do something like:
>> FacesContext context = FacesContext.getCurrentInstance();
>> ValueBinding vb =
>> context.getApplication().createValueBinding("#{loginBean}");
>>
>> u = ((UserBean) vb.getValue(context));
>> userName = u.getLoginName();
>> passwd = u.getPasswd();
>> Or better solution will be put user and password to the session
>> like:
>> FacesContext fc = FacesContext.getCurrentInstance();
>> HttpSession session = (HttpSession)
>> fc.getExternalContext().getSession(false);
>> session.setAttribute("USER", loginName);
>> and then retrieve it when necessery:
>> HttpSession session = (HttpSession)
>> context.getExternalContext().getSession(false);
>> session.getAttribute("USER");
>>
>> Thanks for any suggestion!
>>
>> Tomek
>>
>>
>>
>
>
>
Re: Passing passwd & login
Posted by Jeff Bischoff <jb...@klkurz.com>.
Tomek,
> session.setAttribute("USER", loginName);
You shouldn't need to do direct session/request manipulation as long as
you have a facescontext.
I also don't like including all this FacesContext/ValueBinding code in
every managed bean. Too much clutter.
Better is a utility class that performs such lookups between managed beans:
public class WebLookup {
/**
* Look up a managed bean by JSP-EL value-binding expression
* @param ref a value-binding expression to lookup
* @return the managed bean referenced by the expression
*/
public static Object getManagedBean(String ref) {
// Find or create the web-tier data object
// ref like "#{loginBean}"
// would return the LoginBean
FacesContext context = FacesContext.getCurrentInstance();
ValueBinding binding = context.getApplication().createValueBinding(ref);
return binding.getValue(context);
}
public static LoginBean getLoginBean() {
return (LoginBean )getManagedBean("#{loginBean}");
}
...
}
Regards,
Jeff Bischoff
Kenneth L Kurz & Associates, Inc.
tszpinda@gmail.com wrote:
> Hi,
> I'm wondering what solution for that you got boys:
> - how should I pass the password and the user login through
> beans, as I need both of them to retrieve data form database.
>
> Is good enough to have loginBean.java and then on each bean which
> needs connect to db do something like:
> FacesContext context = FacesContext.getCurrentInstance();
> ValueBinding vb =
> context.getApplication().createValueBinding("#{loginBean}");
>
> u = ((UserBean) vb.getValue(context));
> userName = u.getLoginName();
> passwd = u.getPasswd();
> Or better solution will be put user and password to the session like:
> FacesContext fc = FacesContext.getCurrentInstance();
> HttpSession session = (HttpSession)
> fc.getExternalContext().getSession(false);
> session.setAttribute("USER", loginName);
> and then retrieve it when necessery:
> HttpSession session = (HttpSession)
> context.getExternalContext().getSession(false);
> session.getAttribute("USER");
>
> Thanks for any suggestion!
>
> Tomek
>
>
>