You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@struts.apache.org by Jason Vincent <jt...@gmail.com> on 2006/01/16 23:11:12 UTC

Shale redirect to login page for secured pages

Hi there,

I'd like to setup this usecase, in Shale/JSF...

1) user requests a url that is configured as "secured".
2) system checks for logged in user.
3) if the user is not logged in, then redirect to the login page.
4) on successfull login, redirect to orginally requested URL.

currently I just have a index.jsp that forwards to home.jsf.  In my
faces-config, I have
    <!--home navigation rule-->
    <navigation-rule>
        <from-view-id>*</from-view-id>
        <navigation-case>
            <from-action>#{login.checkAuthenticated}</from-action>
            <from-outcome>unauthenticated</from-outcome>
            <to-view-id>/login/login.jsf</to-view-id>
        </navigation-case>
        <navigation-case>
            <from-action>#{login.checkAuthenticated}</from-action>
            <from-outcome>authenticated</from-outcome>
            <to-view-id>/home.jsf</to-view-id>
        </navigation-case>
    </navigation-rule>

the checkAuthenticated method isn't even being called when the home.jsf page
is called.

anybody know what I'm missing?

Re: Shale redirect to login page for secured pages

Posted by Craig McClanahan <cr...@apache.org>.

On 1/16/06, Jason Vincent <jt...@gmail.com> wrote:
>
> Hi there,
>
> I'd like to setup this usecase, in Shale/JSF...
>
> 1) user requests a url that is configured as "secured".
> 2) system checks for logged in user.
> 3) if the user is not logged in, then redirect to the login page.
> 4) on successfull login, redirect to orginally requested URL.
>
> currently I just have a index.jsp that forwards to home.jsf.  In my
> faces-config, I have
>     <!--home navigation rule-->
>     <navigation-rule>
>         <from-view-id>*</from-view-id>
>         <navigation-case>
>             <from-action>#{login.checkAuthenticated}</from-action>
>             <from-outcome>unauthenticated</from-outcome>
>             <to-view-id>/login/login.jsf</to-view-id>
>         </navigation-case>
>         <navigation-case>
>             <from-action>#{login.checkAuthenticated}</from-action>
>             <from-outcome>authenticated</from-outcome>
>             <to-view-id>/home.jsf</to-view-id>
>         </navigation-case>
>     </navigation-rule>
>
> the checkAuthenticated method isn't even being called when the home.jsfpage
> is called.
>
> anybody know what I'm missing?


Navigation is not invoked until after a JSF page submits its form, so that
will not help you with this use case of initial navigation to a secured
page.  Instead, you'll want to look at using Shale's ability to insert logic
into the "preprocess" chain to do the check for you.  Alternatively,
traditional solutions like SecurityFilter will work here as well.

Craig