'Re: Container managed authentication in Myfaces/JSF'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       myfaces-user
Subject:    Re: Container managed authentication in Myfaces/JSF
From:       Joey Geiger <joey () staff ! onmilwaukee ! com>
Date:       2006-02-28 17:08:13
Message-ID: 4404837D.7060404 () staff ! onmilwaukee ! com
[Download RAW message or body]

I've run into issues with Spring and the OpenSessionInViewFilter, or 
anything in general that needs to be displayed and is in a request scope.
That is one of the most frustrating things for me coming from a PHP/Perl 
programming background.

Ming Hu wrote:
> <redirect/> inside of a <navigation-case> works fine. And I like it 
> for the following reasons:
> 1. I can use container managed authentication, hence container managed 
> authorization on the EJB/middle tier.
> 2. My browser's address bar displays the corresponding link when a 
> command link/button is clicked, hence I can bookmark the URL.
>
> However I'd like to know more about the ramifications of using redirect.
>
> Cristi mentioned the lost of validation messages. Is this caused by 
> the faces servlet renders a different view for "redirected" URL? Are 
> there any other potential issues?
>
> I really appreciate your time spent looking into this.
>
> Regards,
>
> Ming
>
>
> On 2/28/06, *Grigoras Cristinel* < grig@wdd.ro <mailto:grig@wdd.ro>> 
> wrote:
>
>     Hi,
>
>     You have tried to use redirect inside navigation case like this?
>     <navigation-case>
>         <from-outcome>nav_page_domain_op_list</from-outcome>
>         <to-view-id>/page_domain_op_list</to-view-id>
>         <redirect/>
>     </navigation-case>
>     in this case you loose validation messages.
>
>     other solution is to write your own navigation handler.
>
>     Cristi
>
>     Ming Hu wrote:
>     > Redirect works but it's not what I wanted. The functionality I'd
>     like
>     > to have is to put security constraints on the action values of
>     > JSF/Myfaces command links or buttons.
>     >
>     > Regards,
>     >
>     > Ming
>     >
>     > On 2/27/06, *Grigoras Cristinel* < grig@wdd.ro
>     <mailto:grig@wdd.ro> <mailto:grig@wdd.ro <mailto:grig@wdd.ro>>>
>     > wrote:
>     >
>     >     Hi,
>     >          Is working if  you use redirect.
>     >
>     >     Cristi
>     >
>     >
>     >     Ming Hu wrote:
>     >     > I have the following navigation case:
>     >     >
>     >     >   <navigation-case>
>     >     >    <from-outcome>nav_page_domain_op_list</from-outcome>
>     >     >    <to-view-id>/page_domain_op_list</to-view-id>
>     >     >   </navigation-case>
>     >     >
>     >     > and the following security constraint:
>     >     > ...
>     >     >       <url-pattern>/page_domain_op_list.jsf</url-pattern>
>     >     > ...
>     >     >
>     >     > If I point my browser to
>     >     localhost:8080/myapp/page_domain_op_list.jsf,
>     >     > the web app works fine and the sign-in page is popup up by the
>     >     > container automatically.
>     >     >
>     >     > However I run into issues when I want to add same control on a
>     >     > JSF/Myfaces command link or command button. I tried to use
>     >     > "page_domain_op_list.jsf" or "nav_page_domain_op_list.jsf"
>     as the
>     >     > action value, but neither worked.
>     >     >
>     >     > How should I handle this kind of situation? Has anyone put any
>     >     > thoughts into this? I'd really appreciate your inputs.
>     >     >
>     >     > Regards,
>     >     >
>     >     > Ming
>     >     >
>     >
>     >
>
>


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic