You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@myfaces.apache.org by syllepsa <sy...@wp.pl> on 2007/05/15 14:34:59 UTC

Form-Based Authentication and URL

Hi,

1. In my application I decided to use  Form-Based Authentication. The
problem is that whenever I enter protected resource  area for the first time
I am not rededirected to the login page.  That's related with the fact that
JSF holds the old URL (the one the action came from). I read that I can use
redirect tag on each unprotected page but in this case I can forget about
using validators and saveState. Shall I forget about using Form-Based
Authentication and write custom PhaseListener ?

2. If JSF holds an old URL in internet browser then how to design an
application which will forward me to the desired webpage. For exmple I have
forum app. I 've founded an intersting topic. I decided to copy its URL.
Next day I paste the topic URL into my browser but I am redirected to the
wrong page.

I am using MyFaces 1.1.4

Regards,

Mariusz
       
-- 
View this message in context: http://www.nabble.com/Form-Based-Authentication-and-URL-tf3758222.html#a10621968
Sent from the MyFaces - Users mailing list archive at Nabble.com.

Re: Form-Based Authentication and URL

Posted by Erlend Hamnaberg <er...@underdusken.no>.

syllepsa wrote:
> Hi,
>
> 1. In my application I decided to use  Form-Based Authentication. The
> problem is that whenever I enter protected resource  area for the first time
> I am not rededirected to the login page.  That's related with the fact that
> JSF holds the old URL (the one the action came from). I read that I can use
> redirect tag on each unprotected page but in this case I can forget about
> using validators and saveState. Shall I forget about using Form-Based
> Authentication and write custom PhaseListener ?
>   
Create a filter that checks your credentials before you are allowed 
access to the protected area.
You may for instance use www.acegisecurity.org which have filter based 
access to protected areas. You may also change your auth scheme by 
configuration. How to implement this is IMHV  beyond the scope of this 
mailing list.
> 2. If JSF holds an old URL in internet browser then how to design an
> application which will forward me to the desired webpage. For exmple I have
> forum app. I 've founded an intersting topic. I decided to copy its URL.
> Next day I paste the topic URL into my browser but I am redirected to the
> wrong page.
>
> I am using MyFaces 1.1.4
>
> Regards,
>
> Mariusz
>        
>