Forms 6i availability? I'm Disappointed.
Here is my issue/question. It is obvious that 6i has been out for a WHILE! I have seen many posted messages, iTARS, etc referencing the availability of downloading forms updates, availablity of getting patches, etc. My company currently owns serveral licenses of Forms, we pay a good deal of money for support, and yet it is April 27, and I still don't have Forms 6i. How much do we have to pay and who do we have to kiss to get a freakin update from Oracle? We have logged at least three techical tars in the last month, all of which we were told that it was fixed in 6i and we would have to wait. Well, we are waiting.......and so are our clients. Perhaps the solution is www.microsoft.com? To the folks at Oracle, I say clean up your act. The developer community does not deserve this type of treatment. And PLEASE, PLEASE, PLEASE fix this web site. Your downloads are always broken. Please read the messages below. I'm not the only one!!!
I don't bother trying to download from Technet anymore using HTTP. I find accessing ftp://ftp.oracle.com/otn to be much more reliable. The only problem is that it takes ages to actually get the initial connection, since all the available connections are usually in use. You also have to use a bit of intuition and guesswork to find the files you want. So far this week, I've retrieved JDeveloper 3.1, Forms 6i and OAS 4.0.8.1. You're all correct though, it shouldn't have to be this way and Oracle will have to sort these problems out if they want to attain and retain kudos with the developer community.
Similar Messages
-
Testing Forms Services availability with Hardware Load Balancer
I have posted a question about load balancing to a group of application services running Forms Services here on the Forms forum but have had no reply:
Forms Services availability checking for BIGIP Load Balancer
My basic questions are:
a) What do people recommend for load balancing Forms ... least connection, round robin ... ?
b) Do people use http://server:port/forms/frmservlet?ifcmd=status or have some of you used something else?
My reason for the question is we had a Forms Services failure that was not detected by the ifcmd servlet as the HTTP side of things was still working. This meant that the BIGIP load balancer sent everything to the failed server as it had the least connections. So basically no-one could logon.
I've raised an SR with Oracle but they recommend the standard URL above. Has anyone else had a problem like this and if so were you able to fix it?
Regards,
PhilippeWell SR followed up and it looks like the only course of action is to use the standard HTTP check: http://server:port/forms/frmservlet?ifcmd=status ...
... unless that is you want to do some serious customisation. Oracle don't support any other form of checking.
I'm guessing from the lack of responses to this thread that this hasn't been an issue for anybody else ... ???
Any thoughts/suggestions really welcome as we go into production in 4 weeks.
a) What do people recommend for load balancing Forms ... least connection, round robin ... ?
b) Do people use http://server:port/forms/frmservlet?ifcmd=status or have some of you used something else?
Thanks,
Philippe -
Forms Services availability checking for BIGIP Load Balancer
We are load balancing across a number of 10.1.2.2 Forms servers using a BIGIP load balancer. Currently our load balancing is done based on which server has the "least connections" to the BIGIP. So far we have been using the following test URL to allow BIGIP to check the availability of the Forms Services on each server.
http://server:port/forms/frmservlet?ifcmd=status
This works well however it only checks through to the HTTP level within Forms Services. We encountered a problem when the Forms Services failed to work on a particular server however the above URL showed that everything was OK. The effect of this was that all new users attempting to login were directed to the failed server as this server had the "least number of connections".
After raising an SR with Oracle they advised that the forking of runtime processes had probably failed and this was not detectable by the load balancer with the above URL. So they have recommended a number of options for checking the status of the Forms Services. These are:
a) http://server:port/forms/frmservlet
This loads the default Form and therefore by definition tests the forking of runtime processes. However BIGIP is unable to automatically process the information to distinguish whether the service is up or down. Oracle recommended that if using this method we would need to customise BIGIP to handle the various FRM-xxxx error codes.
b) http://server:port/forms/frmservlet?userid=scott/tiger@YOURDB&form=yourtestform.
fmx
Even more thorough would be to actual log on to the database using a test form as above.
My question is does anyone out there have experience in checking Forms Services availability using these last two methods as I'm not sure how to customize the load balancer so that it can handle the output of these URLs. Also when using the original URL is it normal to load balance using a "least connections" method or do people out there use a different algorithm.
Thanks for any help/advise that you can give.
Regards,
PhilippeWell SR followed up and it looks like the only course of action is to use the standard HTTP check: http://server:port/forms/frmservlet?ifcmd=status ...
... unless that is you want to do some serious customisation. Oracle don't support any other form of checking.
I'm guessing from the lack of responses to this thread that this hasn't been an issue for anybody else ... ???
Any thoughts/suggestions really welcome as we go into production in 4 weeks.
a) What do people recommend for load balancing Forms ... least connection, round robin ... ?
b) Do people use http://server:port/forms/frmservlet?ifcmd=status or have some of you used something else?
Thanks,
Philippe -
Validation Form - User Availability
I am doing a user registration UI for a web project. Our
database has usernames unique. I dont want the user to create an
account, submit form, then come back and see they have an error:
username is already taken. I would like to put a button next to the
username input field called Check. This button i want it to check
the username availability. I have a php function that returns true
or false depending on the username check. I want this to be a
validation widget to my input field. Can this be done using spry
1.6? If, yes could you point out some hints?Hi,
you can achieve this behavior by using Spry sending the
username when the Check button is pressed and receiving as response
the xml with the existent usernames. Your custom function will
submit the form via XHR. The callback function will interpret the
response from the server.
You can see an example on this
page.
Also you should consider a security issue if you return the
xml containing the usernames, because it will be available for all
Diana -
From Forms Product Management - New Oracle9i Forms Course Available
The Forms development team are proud to announce that we have a new classroom course for Oracle9i Forms available.
Form more information see the link on the Forms home page http://otn.oracle.com/products/forms/
Thanks
Grant Ronald
Forms Product ManagementGrant...can you also tell us if you expect to release a pre-904 webutil release?
And where can we log errors about webutil beta, since it's not officially supported? I'd like to log a bug named in a previous post of me: webutil: webutil_file.file_open_dialog with filter doesn't work as expected -
Building recordset query dynamically based on form parameter availability
Hi,
I have a real estate property table that I'd like to query.
The form itself let's the user search by state, county, zip code
etc. The user need not enter all the information. For eg: If the
user just selects a state and searches, I should list all
properties that belong to that state. But if the user also selects
a county along with state then I should filter the results by state
AND county. This situation applies for a lot of the form
parameters.
Now, in Dreamweaver when I try to create a recordset, I want
to append
AND county = $_REQUEST['county']
to the end of my record set query if and only if the user
selected a county. If the user didn't select the county, I do not
want to have that as part of my query.
Is there an easy way to do this in DW? I understand that
variables let you define a default var. I donot even want to
specify a default value.
Any help is greatly appreciated.
Thanks!!You'll have to write the code yourself but something like
this...
sqlString = "SELECT .... "
if user selects county (probably a drop down list) then
sqlString = sqlString + " AND county = " + $_REQUEST
then just send the sqlString to the server.
"flash0777" <[email protected]> wrote in
message
news:e40b1o$bok$[email protected]..
> Hi,
>
> I have a real estate property table that I'd like to
query. The form
> itself
> let's the user search by state, county, zip code etc.
The user need not
> enter
> all the information. For eg: If the user just selects a
state and
> searches, I
> should list all properties that belong to that state.
But if the user also
> selects a county along with state then I should filter
the results by
> state AND
> county. This situation applies for a lot of the form
parameters.
>
> Now, in Dreamweaver when I try to create a recordset, I
want to append
> AND county = $_REQUEST
> to the end of my record set query if and only if the
user selected a
> county.
> If the user didn't select the county, I do not want to
have that as part
> of my
> query.
>
> Is there an easy way to do this in DW? I understand that
variables let you
> define a default var. I donot even want to specify a
default value.
>
> Any help is greatly appreciated.
>
> Thanks!!
> -
Numbers new form not available? Ios6
I have updated numbers and when I click the plus symbol all I get is a new sheet. Has it moved somewhere, been taken away or something else? Deleted app and reinstalled it but same problem. Anyone else got this issue?
iPad 16gb with wifi and cellular..dont forget that you need a table with a header row for it to reference. Then you should see the form option show up. it wont show up otherwise.
Jason -
Oracle Forms 11g available now!!
Hi forum
I just wanted to be the first to make this announcement :-) It's out, go download it here:
http://www.oracle.com/technology/software/products/middleware/htdocs/111110_fmw.html
Let the testing begin! I hope it's been worth the wait...
JacobForms and Reports Builder is now part of the same installation as the Forms server installation - you simply run the installer on your PC and choose to install Forms and Reports Builder only and deselect all the server parts.
There's an installation guide here: http://download.oracle.com/docs/cd/E12839_01/install.1111/e12003/claqi.htm. However, its a bit unclear whether Forms Builder requires a separate WebLogic installation on your client PC to be able to run forms locally. Grant or Jan, can you fill in the blanks here?
Jacob -
Are ZCI interactive forms available via Web Dynpro for ABAP?
Note 955795 talks about ZCI forms available via Web Dynpro for Java. Is this kind of forms also available via Web Dynpro for ABAP?.
Do ZCI interactive forms work via Web Dynpro for ABAP without the need of ACF?
If available, which support package levels are required?
RegardsHi Mahamed,
I got your problem. You have not done anything wrong.
It is WebAS version which is not supported for this functionality.
But there is solution to this problem
Please refer to the SAP Note number - 1055738.
I think you will get the answer and the scenario described there will match your requirement.
This is a know issues with WebDypro ABAP but this works fine for Java Web Dynpro.
I have also tried for 2 months but finally came to know about it.
Regards
Satya -
Making Multiple Digital Signatures Read-only in Form (Acrobat 9)
I have created a form which includes two (2) digital signature fields. What needs to occur with the form is Person1 fills the form and then digitally signs it thereby making the form fields read-only . Person2 then digitally signs the form which should make Person1's digital signature read-only.
Here's what I've done:
1) For the Person1 digital signature field, in Digital Signature Properties, under the Signed tab, I have selected Mark as read-only <all fields except these> and selected the Person2 digital signature field.
2) For the Person2 digital signature field, in Digital Signature Properties, under the Signed tab, I have selected Mark as read-only <all fields> since once Person2 signs the form I do not want Person1 to be able to clear the digital signature and make changes to the form.
Here's what actually occurs:
Step 1 above works fine. Once the signature is applied all the form fields are read-only except for the Person2 digital signature field.
The problem is that after Person2 digitally signs the form, even though I selected all fields as read-only, Person1 can 'clear' their signature which leaves all the form fields available for editing and leaves Person2's digital signature still on the form.
I honestly don't care about 'validating' signatures on this form since it's going to be printed but I cannot allow Person2's signature to remain on the form and allow Person1 to edit the form.
--Mike.Hi!
I have the same problem. Have not been able to figure it out, although tried everything.
Hope somebody can help
- MackeMan -
How to create a form for email?
Hi all,
I use 1 and 1 for hosting however they do not have a form script available with
the package I have.
What is the best way to put a simple form on my site? One that would be for
entering an email for a free report/newsletter is what I am shooting for?
I was told there are a couple free wysiwyg ones, however I tried them and when
you copy the code and use it in DW it does not come out looking very well, or
at least I couldn't get it to work. So I would like to do it the right way and of
course the lowest cost way of doing it.
Any help is greatly appreciated...regards, ..danoHello,
Yes I have no doubt the code is messed up
I guess I should start from the beginning. Here is the original code below for the form code that I recieved from
my hosting Company to use.
However all I need is the email field and a submit button and not the other fields. That is probably how
I managed to mess up the code, I was trying to take out the other fields, line it up etc and most likely did a pretty
good hack job.
I tried this original code and yes your right it really did mess up the side bar terribly.
Here is the original code my hosting Co gave me before I made a mess out of it.
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Contact Us</title>
<link rel="stylesheet" type="text/css" href="../../css/nms.css" />
</head>
<body>
<form method="post" action="mail.php">
<table>
<tr>
<td>What is your name ?</td>
<td><input type="text" name="name" /></td>
</tr>
<tr>
<td>What is your e-mail address ?</td>
<td><input type="text" name="email" /></td>
</tr>
<tr>
<td> Comments:</td>
<td><textarea name="data" cols=40 rows=6></textarea></td>
</tr>
<tr>
<td colspan="2"><input type="submit" /></td>
</tr>
</table>
</form>
</body>
</html>
Here is my site and where I wanted to put this was on the very top
of the right side-bar, just above the words Customer Testimonial. here
is my site wwwdotselfdefenseproshopdotcom
Thanks for any help...
Regards, -
Calling report from FORM - error Invalid value of paramente 'P_YEAR'
Hi guys,
Could you please help me to figure out what is going wrong
with my form which run a report?
I am using Developer suite 10g.
when i run report from report application it run fine,
but when i call that report from a form it gives me error.
I have checked the datatype, checked the parameter value
that I assign from form is available in the report parameter value.
What else do i have to check in order to run this report
from the form.
Error Message from Report Queue Manager:
Invalid value for parameter 'P_YEAR'.
Your insight will be appreciated.Thank you for reply Denis,
Here is the code which run_report from form.
DECLARE
-- variables for running individual reports
report_filename VARCHAR2(40);
var_reportpath VARCHAR2(100);
report_otherparms VARCHAR2(200);
-- variables to keep track of successful reports in silent mode
rep_status VARCHAR2(40);
rep_req NUMBER := 0;
rep_count NUMBER := 0;
dummy NUMBER;
-- variables to load the report names and checkboxes into the parameter list
pl_id PARAMLIST;
plname VARCHAR2(20) := 'rpt_list';
-- variables to loop through the parameter list and run the reports
i NUMBER;
split_loc NUMBER;
param_value VARCHAR2(40);
checkbox_name VARCHAR2(40);
report_basename VARCHAR2(40);
svc_name VARCHAR2(4);
run_report BOOLEAN;
disp_exist BOOLEAN := get_current_service_count( :global.filename_prefix, 'DISP',
:reports_control.year_list, :reports_control.quarter_list,
:reports_control.group_list );
hosp_exist BOOLEAN := get_current_service_count( :global.filename_prefix, 'HOSPICE',
:reports_control.year_list, :reports_control.quarter_list,
:reports_control.group_list );
orth_exist BOOLEAN := get_current_service_count( :global.filename_prefix, 'O/P',
:reports_control.year_list, :reports_control.quarter_list,
:reports_control.group_list );
BEGIN
-- Are any reports selected?
IF BOXES_ARE_CHECKED(:System.Cursor_Block,'PRINT_NULL_REPORT') THEN
if not CHECKBOX_CHECKED('print_null_report') then
disp_exist := TRUE;
orth_exist := TRUE;
hosp_exist := TRUE;
end if;
-- Create Report Parameter Listing
pl_id := GET_PARAMETER_LIST(plname);
if NOT ID_NULL(pl_id) then
DESTROY_PARAMETER_LIST(pl_id);
end if;
pl_id := CREATE_PARAMETER_LIST(plname);
if ID_NULL(pl_id) then
GENERIC_ALERT('Error creating report listing');
RAISE Form_Trigger_Failure;
end if;
ADD_PARAMETER(pl_id,'id1', TEXT_PARAMETER,'cover_page_intro!INTRO');
ADD_PARAMETER(pl_id,'id2', TEXT_PARAMETER,'utilization_profile!ALLUTIL');
ADD_PARAMETER(pl_id,'id3', TEXT_PARAMETER,'utilization_summary!ALL_SUMMARY');
ADD_PARAMETER(pl_id,'id4', TEXT_PARAMETER,'hiv_profile!HIV_PROFILE');
ADD_PARAMETER(pl_id,'id5', TEXT_PARAMETER,'wound_care_profile!WOUND_CARE_PROF');
ADD_PARAMETER(pl_id,'id6', TEXT_PARAMETER,'top_10_diagnosis!TOP10DIAG');
ADD_PARAMETER(pl_id,'id7', TEXT_PARAMETER,'diagnosis_profile!DIAG_PROFILE');
ADD_PARAMETER(pl_id,'id8', TEXT_PARAMETER,'physician_profile!PHYS_PROFILE');
ADD_PARAMETER(pl_id,'id9', TEXT_PARAMETER,'physician_specialty!PHYS_SPECIALTY');
ADD_PARAMETER(pl_id,'id10',TEXT_PARAMETER,'discharge_profile!DISCHARGE_PROFILE');
ADD_PARAMETER(pl_id,'id11',TEXT_PARAMETER,'acute_care_discharge!ACUTE_DSCHRG');
ADD_PARAMETER(pl_id,'id12',TEXT_PARAMETER,'excessive_cost_patients!EXCESSIVE_COST');
ADD_PARAMETER(pl_id,'id13',TEXT_PARAMETER,'provider_profile!PROV_PROFILE');
ADD_PARAMETER(pl_id,'id14',TEXT_PARAMETER,'service_profile!SERVICE_PROFILE');
ADD_PARAMETER(pl_id,'id15',TEXT_PARAMETER,'age_gender_profile!AGE_GENDER_PROF');
ADD_PARAMETER(pl_id,'id16',TEXT_PARAMETER,'network_services!NETWORK_SERVICES');
ADD_PARAMETER(pl_id,'id17',TEXT_PARAMETER,'thh_section_header!THH_COVER');
ADD_PARAMETER(pl_id,'id18',TEXT_PARAMETER,'thh_utilization!THH_UTILIZATION');
ADD_PARAMETER(pl_id,'id19',TEXT_PARAMETER,'thh_service_profile!THH_SVC_PROF');
ADD_PARAMETER(pl_id,'id20',TEXT_PARAMETER,'hit_section_header!HIT_COVER');
ADD_PARAMETER(pl_id,'id21',TEXT_PARAMETER,'hit_utilization!HIT_UTILIZATION');
ADD_PARAMETER(pl_id,'id22',TEXT_PARAMETER,'hit_service_profile!HIT_SVC_PROF');
ADD_PARAMETER(pl_id,'id23',TEXT_PARAMETER,'hme_section_header!HME_COVER');
ADD_PARAMETER(pl_id,'id24',TEXT_PARAMETER,'hme_utilization!HME_UTILIZATION');
ADD_PARAMETER(pl_id,'id25',TEXT_PARAMETER,'hme_service_profile!HME_SVC_PROF');
ADD_PARAMETER(pl_id,'id26',TEXT_PARAMETER,'disp_section_header!DISP_COVER');
ADD_PARAMETER(pl_id,'id27',TEXT_PARAMETER,'disp_utilization!DISP_UTILIZATION');
ADD_PARAMETER(pl_id,'id28',TEXT_PARAMETER,'disp_service_profile!DISP_SVC_PROF');
ADD_PARAMETER(pl_id,'id29',TEXT_PARAMETER,'hosp_section_header!HOSP_COVER');
ADD_PARAMETER(pl_id,'id30',TEXT_PARAMETER,'hosp_utilization!HOSP_UTILIZATION');
ADD_PARAMETER(pl_id,'id31',TEXT_PARAMETER,'hosp_service_profile!HOSP_SVC_PROF');
ADD_PARAMETER(pl_id,'id32',TEXT_PARAMETER,'orth_section_header!ORTH_COVER');
ADD_PARAMETER(pl_id,'id33',TEXT_PARAMETER,'orth_utilization!ORTH_UTILIZATION');
ADD_PARAMETER(pl_id,'id34',TEXT_PARAMETER,'orth_service_profile!ORTH_SVC_PROF');
ADD_PARAMETER(pl_id,'id35',TEXT_PARAMETER,'encounter_detail!ENCOUNTER_DETAIL');
--- set up other parameters to send to generate_report
if :reports_control.output_choices = 'FILE' then
var_reportpath := :global.report_directory || :reports_control.year_list;
if :global.filename_suffix <> '_A10G' then
var_reportpath := var_reportpath || 'q' || :reports_control.quarter_list;
end if;
var_reportpath := var_reportpath || '_G' || :reports_control.group_list || '_';
else
var_reportpath := '';
end if;
report_otherparms := 'p_year='||:reports_control.year_list;
if :global.filename_suffix <> '_A10G' then
report_otherparms := report_otherparms || ' p_quarter='||:reports_control.quarter_list;
end if;
report_otherparms := report_otherparms || ' P_REPORTGROUPID='||:reports_control.group_list;
--- Check if reports are checked and submit to Reports Server
for i in 1..35 loop
GET_PARAMETER_ATTR(pl_id,'id'||i,dummy,param_value);
split_loc := instr(param_value,'!');
checkbox_name := substr(param_value,1,split_loc-1);
report_basename := substr(param_value,split_loc+1,length(param_value));
if CHECKBOX_CHECKED(checkbox_name) then
run_report := TRUE;
svc_name := substr(report_basename,1,4);
if svc_name = 'DISP' then
if not disp_exist then
run_report := FALSE;
end if;
elsif svc_name = 'ORTH' then
if not orth_exist then
run_report := FALSE;
end if;
elsif svc_name = 'HOSP' then
if not hosp_exist then
run_report := FALSE;
end if;
end if;
if run_report then
report_filename := :global.filename_prefix || report_basename || '_10G';---- :global.filename_prefix || report_basename || :global.filename_suffix;
GENERIC_ALERT(report_filename || ' ' || report_otherparms);
rep_status := GENERATE_REPORT(report_filename,:reports_control.output_choices,var_reportpath,report_otherparms);
rep_req := rep_req + 1;
if rep_status = 'FINISHED' then
rep_count := rep_count + 1;
end if;
end if;
end if;
end loop;
-- if we're in silent mode, display a completion message
if :reports_control.output_choices = 'FILE' and CHECKBOX_CHECKED('chk_silent') then
SET_ALERT_PROPERTY('REPORT_CREATED',alert_message_text,
'' || rep_count || ' of ' || rep_req || ' reports created successfully');
dummy := SHOW_ALERT('REPORT_CREATED');
end if;
ELSE
dummy := SHOW_ALERT('select_report');
END IF;
END; -
Using container managed form-based security in JSF
h1. Using container managed, form-based security in a JSF web app.
A Practical Solution
h2. {color:#993300}*But first, some background on the problem*{color}
The Form components available in JSF will not let you specify the target action, everything is a post-back. When using container security, however, you have to specifically submit to the magic action j_security_check to trigger authentication. This means that the only way to do this in a JSF page is to use an HTML form tag enclosed in verbatim tags. This has the side effect that the post is not handled by JSF at all meaning you can't take advantage of normal JSF functionality such as validators, plus you have a horrible chimera of a page containing both markup and components. This screws up things like skinning. ([credit to Duncan Mills in this 2 years old article|http://groundside.com/blog/DuncanMills.php?title=j2ee_security_a_jsf_based_login_form&more=1&c=1&tb=1&pb=1]).
In this solution, I will use a pure JSF page as the login page that the end user interacts with. This page will simply gather the input for the username and password and pass that on to a plain old jsp proxy to do the actual submit. This will avoid the whole problem of having to use verbatim tags or a mixture of JSF and JSP in the user view.
h2. {color:#993300}*Step 1: Configure the Security Realm in the Web App Container*{color}
What is a container? A container is basically a security framework that is implemented directly by whatever app server you are running, in my case Glassfish v2ur2 that comes with Netbeans 6.1. Your container can have multiple security realms. Each realm manages a definition of the security "*principles*" that are defined to interact with your application. A security principle is basically just a user of the system that is defined by three fields:
- Username
- Group
- Password
The security realm can be set up to authenticate using a simple file, or through JDBC, or LDAP, and more. In my case, I am using a "file" based realm. The users are statically defined directly through the app server interface. Here's how to do it (on Glassfish):
1. Start up your app server and log into the admin interface (http://localhost:4848)
2. Drill down into Configuration > Security > Realms.
3. Here you will see the default realms defined on the server. Drill down into the file realm.
4. There is no need to change any of the default settings. Click the Manage Users button.
5. Create a new user by entering username/password.
Note: If you enter a group name then you will be able to define permissions based on group in your app, which is much more usefull in a real app.
I entered a group named "Users" since my app will only have one set of permissions and all users should be authenticated and treated the same.
That way I will be able to set permissions to resources for the "Users" group that will apply to all users that have this group assigned.
TIP: After you get everything working, you can hook it all up to JDBC instead of "file" so that you can manage your users in a database.
h2. {color:#993300}*Step 2: Create the project*{color}
Since I'm a newbie to JSF, I am using Netbeans 6.1 so that I can play around with all of the fancy Visual Web JavaServer Faces components and the visual designer.
1. Start by creating a new Visual Web JSF project.
2. Next, create a new subfolder under your web root called "secure". This is the folder that we will define a Security Constraint for in a later step, so that any user trying to access any page in this folder will be redirected to a login page to sign in, if they haven't already.
h2. {color:#993300}*Step 3: Create the JSF and JSP files*{color}
In my very simple project I have 3 pages set up. Create the following files using the default templates in Netbeans 6.1:
1. login.jsp (A Visual Web JSF file)
2. loginproxy.jspx (A plain JSPX file)
3. secure/securepage.jsp (A Visual Web JSF file... Note that it is in the sub-folder named secure)
Code follows for each of the files:
h3. {color:#ff6600}*First we need to add a navigation rule to faces-config.xml:*{color}
<navigation-rule>
<from-view-id>/login.jsp</from-view-id>
<navigation-case>
<from-outcome>loginproxy</from-outcome>
<to-view-id>/loginproxy.jspx</to-view-id>
</navigation-case>
</navigation-rule>
NOTE: This navigation rule simply forwards the request to loginproxy.jspx whenever the user clicks the submit button. The button1_action() method below returns the "loginproxy" case to make this happen.
h3. {color:#ff6600}*login.jsp -- A very simple Visual Web JSF file with two input fields and a button:*{color}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root version="2.1"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:jsp="http://java.sun.com/JSP/Page"
xmlns:webuijsf="http://www.sun.com/webui/webuijsf">
<jsp:directive.page
contentType="text/html;charset=UTF-8"
pageEncoding="UTF-8"/>
<f:view>
<webuijsf:page
id="page1">
<webuijsf:html id="html1">
<webuijsf:head id="head1">
<webuijsf:link id="link1"
url="/resources/stylesheet.css"/>
</webuijsf:head>
<webuijsf:body id="body1" style="-rave-layout: grid">
<webuijsf:form id="form1">
<webuijsf:textField binding="#{login.username}"
id="username" style="position: absolute; left: 216px; top:
96px"/>
<webuijsf:passwordField binding="#{login.password}" id="password"
style="left: 216px; top: 144px; position: absolute"/>
<webuijsf:button actionExpression="#{login.button1_action}"
id="button1" style="position: absolute; left: 216px; top:
216px" text="GO"/>
</webuijsf:form>
</webuijsf:body>
</webuijsf:html>
</webuijsf:page>
</f:view>
</jsp:root>h3. *login.java -- implent the
button1_action() method in the login.java backing bean*
public String button1_action() {
setValue("#{requestScope.username}",
(String)username.getValue());
setValue("#{requestScope.password}", (String)password.getValue());
return "loginproxy";
}h3. {color:#ff6600}*loginproxy.jspx -- a login proxy that the user never sees. The onload="document.forms[0].submit()" automatically submits the form as soon as it is rendered in the browser.*{color}
{code}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"
version="2.0">
<jsp:output omit-xml-declaration="true" doctype-root-element="HTML"
doctype-system="http://www.w3.org/TR/html4/loose.dtd"
doctype-public="-W3CDTD HTML 4.01 Transitional//EN"/>
<jsp:directive.page contentType="text/html"
pageEncoding="UTF-8"/>
<html>
<head> <meta
http-equiv="Content-Type" content="text/html;
charset=UTF-8"/>
<title>Logging in...</title>
</head>
<body
onload="document.forms[0].submit()">
<form
action="j_security_check" method="POST">
<input type="hidden" name="j_username"
value="${requestScope.username}" />
<input type="hidden" name="j_password"
value="${requestScope.password}" />
</form>
</body>
</html>
</jsp:root>
{code}
h3. {color:#ff6600}*secure/securepage.jsp -- A simple JSF{color}
target page, placed in the secure folder to test access*
{code}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root version="2.1"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:jsp="http://java.sun.com/JSP/Page" xmlns:webuijsf="http://www.sun.com/webui/webuijsf">
<jsp:directive.page
contentType="text/html;charset=UTF-8"
pageEncoding="UTF-8"/>
<f:view>
<webuijsf:page
id="page1">
<webuijsf:html id="html1">
<webuijsf:head id="head1">
<webuijsf:link id="link1"
url="/resources/stylesheet.css"/>
</webuijsf:head>
<webuijsf:body id="body1" style="-rave-layout: grid">
<webuijsf:form id="form1">
<webuijsf:staticText id="staticText1" style="position:
absolute; left: 168px; top: 144px" text="A Secure Page"/>
</webuijsf:form>
</webuijsf:body>
</webuijsf:html>
</webuijsf:page>
</f:view>
</jsp:root>
{code}
h2. {color:#993300}*_Step 4: Configure Declarative Security_*{color}
This type of security is called +declarative+ because it is not configured programatically. It is configured by declaring all of the relevant parameters in the configuration files: *web.xml* and *sun-web.xml*. Once you have it configured, the container (application server and java framework) already have the implementation to make everything work for you.
*web.xml will be used to define:*
- Type of security - We will be using "form based". The loginpage.jsp we created will be set as both the login and error page.
- Security Roles - The security role defined here will be mapped (in sun-web.xml) to users or groups.
- Security Constraints - A security constraint defines the resource(s) that is being secured, and which Roles are able to authenticate to them.
*sun-web.xml will be used to define:*
- This is where you map a Role to the Users or Groups that are allowed to use it.
+I know this is confusing the first time, but basically it works like this:+
*Security Constraint for a URL* -> mapped to -> *Role* -> mapped to -> *Users & Groups*
h3. {color:#ff6600}*web.xml -- here's the relevant section:*{color}
{code}
<security-constraint>
<display-name>SecurityConstraint</display-name>
<web-resource-collection>
<web-resource-name>SecurePages</web-resource-name>
<description/>
<url-pattern>/faces/secure/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>User</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name/>
<form-login-config>
<form-login-page>/faces/login.jsp</form-login-page>
<form-error-page>/faces/login.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description/>
<role-name>User</role-name>
</security-role>
{code}
h3. {color:#ff6600}*sun-web.xml -- here's the relevant section:*{color}
{code}
<security-role-mapping>
<role-name>User</role-name>
<group-name>Users</group-name>
</security-role-mapping>
{code}
h3. {color:#ff6600}*Almost done!!!*{color}
h2. {color:#993300}*_Step 5: A couple of minor "Gotcha's"_ *{color}
h3. {color:#ff6600}*_Gotcha #1_*{color}
You need to configure the "welcome page" in web.xml to point to faces/secure/securepage.jsp ... Note that there is *_no_* leading / ... If you put a / in there it will barf all over itself .
h3. {color:#ff6600}*_Gotcha #2_*{color}
Note that we set the <form-login-page> in web.xml to /faces/login.jsp ... Note the leading / ... This time, you NEED the leading slash, or the server will gag.
*DONE!!!*
h2. {color:#993300}*_Here's how it works:_*{color}
1. The user requests the a page from your context (http://localhost/MyLogin/)
2. The servlet forwards the request to the welcome page: faces/secure/securepage.jsp
3. faces/secure/securepage.jsp has a security constraint defined, so the servlet checks to see if the user is authenticated for the session.
4. Of course the user is not authenticated since this is the first request, so the servlet forwards the request to the login page we configured in web.xml (/faces/login.jsp).
5. The user enters username and password and clicks a button to submit.
6. The button's action method stores away the username and password in the request scope.
7. The button returns "loginproxy" navigation case which tells the navigation handler to forward the request to loginproxy.jspx
8. loginproxy.jspx renders a blank page to the user which has hidden username and password fields.
9. The hidden username and password fields grab the username and password variables from the request scope.
10. The loginproxy page is automatically submitted with the magic action "j_security_check"
11. j_security_check notifies the container that authentication needs to be intercepted and handled.
12. The container authenticates the user credentials.
13. If the credentials fail, the container forwards the request to the login.jsp page.
14. If the credentials pass, the container forwards the request to *+the last protected resource that was attempted.+*
+Note the last point! I don't know how, but no matter how many times you fail authentication, the container remembers the last page that triggered authentication and once you finally succeed the container forwards your request there!!!!+
+The user is now at the secure welcome page.+
If you have read this far, I thank you for your time, and I seriously question your ability to ration your time pragmatically.
Kerry RandolphIf you want login security on your web app, this is one way to do it. (the easiest way i have seen).
This method allows you to create a custom login form and error page using JSF.
The container handles the actual authentication and protection of the resources based on what you declare in web.xml and sun-web.xml.
This example uses a statically defined user/password, stored in a file, but you can also configure JDBC realm in Glassfish, so that that users can register for access and your program can store the username/passwrod in a database.
I'm new to programming, so none of this may be a good practice, or may not be secure at all.
I really don't know what I'm doing, but I'm learning, and this has been the easiest way that I have found to add authentication to a web app, without having to write the login modules yourself.
Another benefit, and I think this is key ***You don't have to include any extra code in the pages that you want to protect*** The container manages this for you, based on the constraints you declare in web.xml.
So basically you set it up to protect certain folders, then when any user tries to access pages in that folder, they are required to authenticate.
--Kerry -
How do I make a form compatible in all versions of Adobe Reader and various browsers?
I have created a fillable form in Adobe Live Cycle Designer ES 8.2 and the form is available for download on our company's website. Many users are experiencing trouble with the fields not being able to be filled in. I have Adobe Acrobat 9 on my computer. I do know that people using Adobe Reader X have not been able to use the form. I also know that there are issues when viewing/using the form in web browsers. I really need some help as I have exhausted all avenues that I can think of. I have three forms that I created and some people experience problems with only one form, some people have trouble with two, etc. Any assistance would be greatly appreciated.
There are three forms.
Form #1
http://www.kapsi-annarbor.org/npc/67th-Province-Council-Kappas-Registration-Form.pdf
Form #2
http://www.kapsi-annarbor.org/npc/67th-Province-Council-Silhouettes-Registration-Form.pdf
Form #3
http://www.kapsi-annarbor.org/npc/67th-Province-Council-KL-Registration-Form.pdf -
Hi expert,
we have developed an adobe form for the workflow for invoice but it can change we want it to be in display only When it get the the customer. PLEase help.when the customer receive the invoice He is able to make change on the invoice
Regards,
Flavien
Edited by: Flavien Gagoum on Feb 26, 2009 10:30 AMHi Flavien Gagoum
In Adobe form, there are two types of forms are available.
1. Static (Which can not be changed)
2. Interactive (Which can be chaged, and we can make some / Many fiels disabled)
So for your case, try to use Static form, hope you have used interactive form.
Thanks and Regards
Balaji K.
Maybe you are looking for
-
I hope the Apple folks are monitoring this. I want the ability to insert vice add a song to an existing playlist (i.e. I want to be able to select its position within the existing order of songs - say place it between songs 13 and 14 vice have it dro
-
Rightfax Integration with Oracle forms
We have Rightfax 9.3 integrated with our application running on Oracle forms 6i. We are plaaning to upgrade to Oracle forms 10g. We need to understand that if RightFax 9.3 can be configured with Oracle Forms 10g Also, is the invocation for RightFax d
-
When I open a project the bottom Info area in Premiere Pro reads "Loading..." followed by the path to the file(s) with a "XX Remaining" counting down to zero. When finished it then says something like, "All Files Loaded". What is the process of "Loa
-
Do I need to run Time Machine if I have Time Capsule
I find that Time Machine slows me down. It runs a few times a day- maybe because I'm always stopping it. Do I need to do this? If not, how do I stop it from running. Thanks
-
Compressing a 3 minute sequence thats 900mb down to 100mb for web use
I have a montage Thats around 900mb and I need to compress it down to 100mb, so I can post in on the web. I was wondering what is the best way of doing this without loosing much quality. Also Is there a way of changing the frame size in comprressor,