Lesser Looking Login Form (JSF vs. JSP)

Hi,
We have a non-trivial (but not uncommon) layout for our application, including: icons, tabbed menu, menu bar, left-hand navigation submenu, page content, footer links, and footer copyright.
The application uses JAZN for authentication, which means we cannot use these items: resource bundles, JSF Core components, and ADF Faces components.
If we were to try and create a login page that has the same look and feel as the rest of the application (using only HTML), it would be a maintenance burden.
Is there any way we can leverage the JSF Core and ADF Faces components for the login page within a system that uses JAZN? (All searches for login pages and JAZN revealed painfully plain HTML pages.)
One idea would be to disable authentication for a specific "EmbedLogin" page. The EmbedLogin page would include an IFRAME (or otherwise INLINE) the login page. This will not work.
Any other ideas?

Hi,
in JDeveloper 11 / OracleAs 11 there will be a new API that allows you to perform programmatic authentication through JAAS - which then allows you to use a JSF page as a login form.
For now, beside of using Shay's suggestion, you can e.g. follow the trick that the Webcenter documentation exposes.
See "10.4.1 Creating an Oracle ADF Faces-Based Login Page"
http://download.oracle.com/docs/cd/B32110_01/webcenter.1013/b31074/jpsdg_security.htm#CHDJAGDG
It's a hack, but it works
Frank

Similar Messages

Login form using Access(JSP)....

I have written the following code in JSP and connected to Access Database.
Aftre i run the JSP from browser the Login form is displayed. but aftre i enter the "userid" and "password" nothing hapens. the application is STUCK !!
<HTML>
<HEAD>
<TITLE> Login </TITLE>
<script language="Javascript">
function giveFocus()
     document.login.user.focus()
function submitForm()
     document.login.submit()
function resetForm()
     document.login.reset()
     document.passwd.reset()
     document.login.user.focus()
</script>
</HEAD>
<BODY onload="giveFocus()">
<form name="login" method="post" action="http://localhost//dcs/forward.jsp">
<table border="0" cellpadding="2" cellspacing="0" width="80%"> <tr><td bgcolor="#ffffff" align="center">
<table border="0" cellspacing="6" cellpadding="6" bgcolor="ffffff" width="80%" height="280">
<tr bgcolor="#ADADAD">
<td align="center"><font face="Verdana" SIZE="5">LOGIN FOR DDM</font><br>
<table border=0 cellpadding=4 cellspacing=0>
<tr> <td align="right">
<P ALIGN="LEFT"><font face="Verdana" size="3"><BR>Please enter your ID and password
<table border=0 cellpadding=10 cellspacing=10>
<tr>
     <td align="right" ><font face="Verdana" size="4">User Id   :</font></td>
     <td><font face="arial" size="-1"><b></b></font><input name="user" type="text" length="9" maxlength="9"></td>
</tr>
<tr>
     <td align="right" ><font face="Verdana" size="4">Password :</font></td>
     <td><input name="passwd" type="password" length="8" maxlength="8"></td>
</tr>
<tr>
     <td align=center valign=bottom>
     <input type="submit" name="login" value="     LOGIN     " ></td>
<td align=center valign=bottom><input type="button" name="cancel" value="   Cancel    " ></td>
<td align=center valign=bottom><input type="submit" name="chgp" value="Change Password"></td>
</tr>
</table>
</table>
</table>
</table>
</form>
</body>
</html> Kindly tell me wht is the problem with the code ? ? ?

the code for doing the connection between JSP and Access is as follows :
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
Connection conn = DriverManager.getConnection("jdbc:odbc:rupa","system","manager");rupa is DSN which i created for MS ACCESS
is this ok?

How to make result of form post to jsp to appear in child frame

Two frames inside a frameset, A and B (A is the first frame, B is the second). A has as it's source an html page containing a form with a submit button. The form posts to a jsp called Content.jsp. Works great, except: I want the results returned by Content.jsp to appear inside frame B. Seems like I've got the target for the form inside A wrong somehow, because when I click the submit button inside frame A, my results appear in a new browser instance, rather than inside B. Here's what the form declaration looks like:
<form action="Content.jsp" method="post" target="_parent.frames[1]">
If I make the target parent, that obviously replaces the whole page. If I make the target self, that obviously replaces the contents of frame A. I want to replace the contents of frame B. Any ideas?

Thanks, but I'm not using IFrame, just Frame and FrameSet. In any event, I have tried using the name attribute to no avail. Here's a really simple version of the code:
//Parent frameset
<frameset rows="50%,50%">
<frame name="A" src="testSubmit.html">
<frame name="B" src="">
</frameset>
//Here's the form in testSubmit.html
<form ACTION="testResult.html" METHOD="POST" TARGET="_parent.B">
<input TYPE="SUBMIT" VALUE="Click Me">
</form>
I've also tried TARGET="_parent.frames[1]" with the same result -- a new browser window is launched rather than the results being displayed in B.
Thanks for any assistance.

Extra Info On Login Form

Hi,
I have the requirement to prepare a Login Form such that it will include a dropdownList, besides userid and password. Based on the selection from dropdown List I will implement some business logic, probably on prepareSession method. As far as I am concerned Login forms should be jsp documents. Is it possible to have necessary bindings with the jsp document? Can I use adf faces core components on jsp documents? Any help is appreciated.
Best Regards,
Salim

Frank,
I am not using Container managed security. I am using DBLoginModule.jar with a pl/sql stored procedure, this is based on blog entry http://technology.amis.nl/blog/?p=1462, and one of your articles on OTN. I guess I am using Jazn Framework of Oracle with the capability of authentication from some DB tables. One thing I don't understand is why do we have to create Login page as JSP pages? Why can't we show error mesages ("Invalid username / password","Account Locked") on that jsp page? I appreciate your helps.
Salim

Help with Login Form (JSP DB Java Beans Session Tracking)

Hi, I need some help with my login form.
The design of my authetication system is as follows.
1. Login.jsp sends login details to validation.jsp.
2. Validation.jsp queries a DB against the parameters received.
3. If the query result is good, I retrieve some information (login id, name, etc.) from the DB and store it into a Java Bean.
4. The bean itself is referenced with the current session.
5. Once all that's done, validation.jsp forwards to main.jsp.
6. As a means to maintain state, I prefer to use url encoding instead of cookies for obvious reasons.I need some help from step 3 onwards please! Some code snippets will do as well!
If you think this approach is not a good practice, pls let me know and advice on better practices!
Thanks a lot!

Alright,here is an example for you.
Assume a case where you don't want to give access to any JSP View/HTML Page/Servlet/Backing Bean unless user logging system and let assume you are creating a View Object with the name.
checkout an example (Assuming the filter is being applied to a pattern * which means when a resource is been accessed by webapplication using APP_URL the filter would be called)
public doFilter(ServletRequest req,ServletResponse res,FilterChain chain){
     if(req instanceof HttpServletRequest){
            HttpServletRequest request = (HttpServletRequest) req;
            HttpSession session = request.getSession();
            String username = request.getParameter("username");
            String password = request.getParameter("password");
            String method = request.getMethod();
            String auth_type = request.getAuthType();
            if(session.getAttribute("useInfoBean") != null)
                request.getRequestDispatcher("/dashBoard").forward(req,res);
            else{
                    if(username != null && password != null && method.equaIsgnoreCase("POST") && (auth_type.equalsIgnoreCase("FORM_AUTH") || auth_type.equalsIgnoreCase("CLIENT_CERT_AUTH")) )
                         chain.doFilter(req,res);
                    else
                      request.getRequestDispatcher("/Login.jsp").forward(req,res);
}If carefully look at the code the autherization is given only if either user is already logged in or making an attempt to login in secured way.
to know more insights about where these can used and how these can be used and how ?? the below links might help you.
http://javaboutique.internet.com/tutorials/Servlet_Filters/
http://e-docs.bea.com/wls/docs92/dvspisec/servlet.html
http://livedocs.adobe.com/jrun/4/Programmers_Guide/filters3.htm
http://www.javaworld.com/javaworld/jw-06-2001/jw-0622-filters.html
http://www.servlets.com/soapbox/filters.html
http://www.onjava.com/pub/a/onjava/2001/05/10/servlet_filters.html
and coming back to DAO Pattern hope the below link might help you.
http://java.sun.com/blueprints/corej2eepatterns/Patterns/DataAccessObject.html
http://java.sun.com/blueprints/patterns/DAO.html
http://www.javapractices.com/Topic66.cjp
http://www.ibm.com/developerworks/java/library/j-dao/
http://www.javaworld.com/javaworld/jw-03-2002/jw-0301-dao.html
On the whole(:D) it is always a good practice to get back to Core Java/J2EE Patterns.and know answers to the question Why are they used & How do i implement them and where do i use it ??
http://www.fluffycat.com/java-design-patterns/
http://java.sun.com/blueprints/corej2eepatterns/Patterns/index.html
http://www.cmcrossroads.com/bradapp/javapats.html
Hope that might help :)
REGARDS,
RaHuL

Is it possible to use two diff forms in same jsp/jsf page?

Hi all,
My requirement is to submit the form based on selection of radio button.
since half part needs to be jsp based which is not using any tags etc.
But i am trying to use some jsf based component which requires to be inside <f:view><h:form> of
<%@ taglib prefix="f" uri="http://java.sun.com/jsf/core" %>
<%@ taglib prefix="h" uri="http://java.sun.com/jsf/html" %>
i.e. some <c:comboBox>
</h:form> </f:view>
Now earlier i was submitting the form as
<form action="/techstacks-v2_1/reportAction.do" method="post" name=doSearch id='doSearch'>
But now i found, in order to use combo box component which is entirely jsf based i need to use <f:view><h:form> which is kind of taking over the previous form submission mechiansm.
I am trying to keep them separate as two differnt forms.
one entirely jsp based and other as jsf based.
Now my question is can i use such way of doing so or is there any better way of implementing so.
My friend suggested that i can pass the value of jsf based form in hidden form to a input box of form to be submitted finally instead of submitteing two diff forms.
but in that case also i ahev to use two forms in a single jsp/jsf page.
suggest me something which can really work out.
thanks
vijendra

You can use as many forms as you want as long as you don't nest forms. The HTML spec probibits that.

Login form using Access... (in JSP )

I have written the following code in JSP and connected to Access Database.
Aftre i run the JSP from browser the Login form is displayed. but aftre i enter the "userid" and "password" nothing hapens. the application is STUCK !!
<HTML>
<HEAD>
<TITLE> Login </TITLE>
<script language="Javascript">
function giveFocus()
     document.login.user.focus()
function submitForm()
     document.login.submit()
function resetForm()
     document.login.reset()
     document.passwd.reset()
     document.login.user.focus()
</script>
</HEAD>
<BODY onload="giveFocus()">
<form name="login" method="post" action="http://localhost//dcs/forward.jsp">
<table border="0" cellpadding="2" cellspacing="0" width="80%"> <tr><td bgcolor="#ffffff" align="center">
<table border="0" cellspacing="6" cellpadding="6" bgcolor="ffffff" width="80%" height="280">
<tr bgcolor="#ADADAD">
<td align="center"><font face="Verdana" SIZE="5">LOGIN FOR DDM</font><br>
<table border=0 cellpadding=4 cellspacing=0>
<tr> <td align="right">
<P ALIGN="LEFT"><font face="Verdana" size="3"><BR>Please enter your ID and password
<table border=0 cellpadding=10 cellspacing=10>
<tr>
     <td align="right" ><font face="Verdana" size="4">User Id   :</font></td>
     <td><font face="arial" size="-1"><b></b></font><input name="user" type="text" length="9" maxlength="9"></td>
</tr>
<tr>
     <td align="right" ><font face="Verdana" size="4">Password :</font></td>
     <td><input name="passwd" type="password" length="8" maxlength="8"></td>
</tr>
<tr>
     <td align=center valign=bottom>
     <input type="submit" name="login" value="     LOGIN     " ></td>
<td align=center valign=bottom><input type="button" name="cancel" value="   Cancel    " ></td>
<td align=center valign=bottom><input type="submit" name="chgp" value="Change Password"></td>
</tr>
</table>
</table>
</table>
</table>
</form>
</body>
</html> Kindly tell me wht is the problem with my code ? ?

http://forum.java.sun.com/thread.jspa?threadID=599315&tstart=0
Cross-post

Jsp login form code

hi all
i am a student and new to jsp
imy problem is that i want to create a login form and have a page that validates the username and password ... i have tried this but i am gettin errors with my sql line . can any1 help me out
i have pasted the sql line below
ResultSet rs = stmt.executeQuery("SELECT username,password FROM myusers WHERE username='"+request.getParameter("username_signin") + "' AND password=PASSWORD('"+request.getParameter("password_signin")+"')");
thanks

hi i also have similar problem to avoid the ' or1=1 that simple hacking code.
i try to use ur method but i nt too sure abt the prepare statement , pls help thanks.
<%@page contentType="text/html"%>
<%@page import="java.sql.*"%>
<html>
<head>
<title>Check Login</title>
</head>
<body>
<%
//String varName=request.getParameter("userName");
//String varPass=request.getParameter("userPass");
String DRIVER = "sun.jdbc.odbc.JdbcOdbcDriver";
Connection con = null;
String nextPage = null;
try {
     // set up the DSNless connection to the EJewel.mdb database
     String source = "jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)}; DBQ=C:\\Program Files\\Apache Software Foundation\\Tomcat 5.5\\webapps\\ROOT\\assess20\\assess.mdb";
     // Open a Database connection with the Driver
     Class.forName(DRIVER);
     con = DriverManager.getConnection(source);
// Create sql string to check whether userName is found in database
     //String sql = "Select * from Customers where userName='" + varName + "' and userPass='" + varPass + "'";
     PreparedStatement stmt = con.prepareStatement("SELECT * from Customers WHERE username= 1 AND password='2");
stmt.setString(1, request.getParameter("userName"));
stmt.setString(2, request.getParameter("userPass"));
     // Create statement to connect to Connection
     Statement stmt=con.createStatement();
     // Execute result set on sql string
     ResultSet rs=stmt.executeQuery(PreparedStatement);
     String userPass = "foobar";
MessageDigest mdAlgorithm = MessageDigest.getInstance("MD5");
mdAlgorithm.update(userPass.getBytes());
byte[] digest = mdAlgorithm.digest();
StringBuffer hexString = new StringBuffer();
for (int i = 0; i < digest.length; i++) {
userPass = Integer.toHexString(0xFF & digest);
if (userPass.length() < 2) {
userPass = "0" + userPass;
hexString.append(userPass);
// We now have a unique MD5 Hash of original input
out.print(hexString.toString());
          if (rs.next())
          out.print("Exist");
          session.setAttribute("loginStatus", "login");
          session.setAttribute("userName", varName);
session.setAttribute("userPass", varPass);
nextPage="ShowMain.jsp";
          else
          //out.print("Does not exist");
          nextPage="Showlogin.htm";
     // close the resultset and statement
rs.close();
rs = null;
stmt.close();
stmt = null;
     } // end try
     // catch for 3 exceptions
     catch (ClassNotFoundException cnfe) {
out.println ("Could not create driver " + cnfe.getMessage ()) ;
     catch (SQLException sqle) {
out.println ("Could not connect to database " + sqle.getMessage ()) ;
     catch (Exception excpt) {
out.println ("Could not connect to database, general error " + excpt.getMessage ()) ;
} // end all catch
     // finally to close connection
finally {
if (con != null) {
con.close();
} // end finally
%>
<jsp:forward page="<%=nextPage%>"/>
</body>
</html>

Jsp Login Form

Hi All,
I am new to JSP. Please send me a JSP Login Form Validatio with DB.
Regards,
Gokul.

Validation.jsp whats the error in that
<%@ page language="java" import="java.sql.*,java.io.*,java.lang.*,java.util.*,com.login.users.*" %>
<jsp:useBean id="user" class="com.login.users.Users" />
<%@ page contentType="text/html;charset=windows-1252"%>
<html>
<head>
<% Connection cc = user.connect();
String username = request.getParameter("j_username");
String password = request.getParameter("j_password");
ResultSet rs = user.validateUser(cc);
%>
</head>
<body>
<%
while(rs.next()){
String u1 = rs.getString("name");
String p1 = rs.getString("Password");
if (u1.equals(username) && (p1.equals(password))){
break;
%>
<jsp:forward page="err.html" />
<%}
out.println("You Are a Valid User");
user.disconnect();
%>
</body>
</html>
my mail id is [email protected]

Oracle ADF 11g – Authentication using Custom ADF Login Form Problem

Hi Guys,
I am trying to Authenticate my adf application using custom Login Form.
following this..
http://www.fireboxtraining.com/blog/2012/02/09/oracle-adf-11g-authentication-using-custom-adf-login-form/#respond
But my Login Page is not Loading.I think its sending request in chain.my jdev version is 11.1.1.5.Any Idea.
Thanks,
Raul

Hi Frank,
I deleted bounded code and In another Unit Test I created a simple login.jspx page and applied form based authentication but still facing same problem means something wrong in starting.
My login.jspx page is
<?xml version='1.0' encoding='UTF-8'?>
<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page" version="2.1"
          xmlns:f="http://java.sun.com/jsf/core"
          xmlns:h="http://java.sun.com/jsf/html"
          xmlns:af="http://xmlns.oracle.com/adf/faces/rich">
<jsp:directive.page contentType="text/html;charset=UTF-8"/>
<f:view>
    <af:document id="d1" >
      <af:form id="f1" >
        <af:panelFormLayout id="pfl1">
          <af:inputText label="USERNAME" id="it1"
                        />
          <af:inputText label="PASSWORD" id="it2"
                          />
          <af:commandButton text="LOG IN" id="cb1" />
          <f:facet name="footer">
          </f:facet>
        </af:panelFormLayout>
      </af:form>
    </af:document>
</f:view>
</jsp:root>
Don't know wht real problem is

Oracle Form Vs OAF JSP Form

I have some basic questions regarding Oracle Forms and OAF JSP forms. There is a requirement by the client to create custom forms for a functionality not available in Oracle Applications R12. I have to make the decision if Oracle forms or OAF JSP should be used to develop these forms. I have been told that both are supported in R12. I would like to know what is the advantage of doing one over the other? What factors do I need to consider?
Thanks

and the appeal is not only about good looking UI, but more on making better user experience, less coding effort, easy maintenance, low cost (on hardware/software), thin clients, and the reason for whole internet revolution based on browser based applications
Tapash

Customizing Login Form

I am trying to customize the login form by adding another field. I'd then want to concatenate the new field with the existing field to generate a different UserId.
Does anyone know where I should be looking to make this change?
Login.jsp has this form.generateHTML call which confuses me.

You should be able to capture the form and formbutton definitions from the formlib in init.xml and update.xml and reload them as part of your customizations.
beware that the change you are going to make is for Global.
--sFed

Subview and login form

Since my login form is inside a subview the id assigned for my password field is breaking the container login.
For example:
<h:input_secret id="j_password"/>
would generate
<input type="password" name="content:loginForm:j_password"/>
Am I supposed to write the login without using any jsf tags ?

I suggest that you write the login form as a plain HTML (or plain JSP, if you need some dynamic content) page and don't use any JSF components. You don't gain anything from using JSF when you use container-based authentication any way.

How to refresh the Expired Login Form on the onChange event of the password

Hi,
In the Expired Login Form I have places a custom label. My requirement is that on the onchange event of the password field the label color should change to orange if the entered password meets the password policy else red.
I am trying the following code :
Custom label:
<Field name='Custom Label'>
<Display class='Label'>
<Property name='value' value='Custom label 1'/>
<Property name='noNewRow'>
<Boolean>true</Boolean>
</Property>
<Property name='color'>
<block>
<cond>
<isTrue>
<invoke name='checkStringQualityPolicy' class='com.waveset.ui.FormUtil'>
<rule name='EndUserRuleLibrary:getCallerSession'/>
<s>Default Password Policy</s>
<invoke name='decryptToString'>
<ref>resourceAccounts.password</ref>
</invoke>
<map/>
<list/>
<s>Configurator</s>
</invoke>
</isTrue>
<s>orange</s>
<s>red</s>
</cond>
</block>
</Property>
</Display>
</Field>
And on the password field i gave following in the onChange event:
submitCommand(this.form, "Recalculate")
But the above command is not refreshing the page. Instead on the onChange event its going back to the login.jsp.
Any idea how to resolve the above issue.
Thanks.

I got it working as below but i dont know is this best practices?
<%
    if(session.getAttribute("afterSet") != null){
         %>
    <div style="visibility:hidden">
      <iframe NAME="iframe1" src="/WebApplication2/TestController?fileDownload=test.pdf" WIDTH="40" HEIGHT="40"></iframe>
    </div>
    <%}       basically first time user visit the jsp page session attribute "afterSet" will be null so it wont create the hidden iframe tag . after it dispatched to the servlet controller and successfully processing the record it will set "afterSet" properties to some value and dispatch to itself
after that it will popup/dialog box for user to save the pdf.
this way the page already refreshes itself and wont have problem double clicking thing and so on

Right way of login form...

Hello
I am a really newbie in web programming. I want to write a web application with JSF. I wonder what is the rgiht way of creating the login form. I tried to write a page segment file for it but page segments do not have prerender method so it cannot be fully controlled...I want something like that:
login control will be two parts..
if login info is not found in session, than it will show the login form.
if the user is found in session, than it will show the menu for the user...
but i couldnt do that because prerender methos is not available in page segments..
what is the right way for doing that kind of thing?

Indeed implement a Filter.
Once an user logs in, put the User object in the HttpSession. Let the filter check on this User object. If this User object is null and you're not in the login page, then redirect to the login page.
Do a Google search on "LoginFilter implements Filter" or "UserFilter implements Filter" and you'll find lot of examples.
http://www.google.com/search?q=%22LoginFilter implements Filter%22
http://www.google.com/search?q=%22UserFilter implements Filter%22
Here is an advanced one which actually doesn't redirect if the User object doesn't exist, but this might give you some new insights: http://balusc.xs4all.nl/srv/dev-jep-usf.html

Lesser Looking Login Form (JSF vs. JSP)

Similar Messages

Maybe you are looking for