You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by Apache Wiki <wi...@apache.org> on 2006/06/16 10:38:17 UTC

[Myfaces Wiki] Update of "JSF and Acegi" by LanceFrohman

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Myfaces Wiki" for change notification.

The following page has been changed by LanceFrohman:
http://wiki.apache.org/myfaces/JSF_and_Acegi

New page:
##language:en
== Using Java Server Pages with Acegi Security: ==

* The Acegi Security home page is http://www.acegisecurity.org/

* The problem is that, as is, the login page created with JSF is not compatible with Acegi

* Solution [http://jroller.com/page/vtatai Victor's Blog]

* Solution [http://www.jroller.com/page/fairTrade?entry=integrating_acegi_and_jsf_revisited Integrating Acegi and JSF: Revisited]

* A new solution is presented here

* To get the input fields correct, my login page (login.jsp) has:
{{{
<t:inputText id="j_username" forceId="true" value="#{welcomeBean.customerId}" size="40" maxlength="80"></t:inputText>

<t:inputSecret id="j_password" forceId="true" value="#{welcomeBean.password}" size="40" maxlength="80" redisplay="true"></t:inputSecret>

<h:commandButton action="login" value="#{messages.page_signon}"/>
}}}

* To send to the correct destination, faces-config.xml has:
{{{
<navigation-rule>
	<from-view-id>/login.jsp</from-view-id>
	<navigation-case>
		<from-outcome>login</from-outcome>
		<to-view-id>/j_acegi_security_check.jsp</to-view-id>
	</navigation-case>
</navigation-rule>
}}}

* applicationContext.xml has:
{{{
<bean id="formAuthenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
	<property name="filterProcessesUrl">
		<value>/j_acegi_security_check.jsp</value>
	</property>
	<property name="authenticationFailureUrl">
		<value>/login.faces</value>
	</property>
	<property name="defaultTargetUrl">
		<value>/</value>
	</property>
	<property name="authenticationManager">
		<ref bean="authenticationManager" />
	</property>
</bean>
}}}

* To make sure that the page forwarded to /j_acegi_security_check.jsp goes through the Acegi Filter Chain Proxy, web.xml has:
{{{
<filter-mapping>
	<filter-name>Acegi Filter Chain Proxy</filter-name>
	<url-pattern>/*</url-pattern>
	<dispatcher>FORWARD</dispatcher>
	<dispatcher>REQUEST</dispatcher>
</filter-mapping>
}}}

* Finally, to display any acegi errors, in my backing bean, I have:

{{{
Exception ex = (Exception)FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY);
if (ex != null)
	FacesContext.getCurrentInstance().addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, ex.getMessage(), ex.getMessage()));
}}}