Need a login strategy for JSF application

I have inherited a JSF application (prototype) and need to modify this application to require a user login. Right now, the application requires a login only for a sub-portion of the application, well after JSF is up and running. That has to change to require the login before the JSF application is invoked.
Basically, what I want to do is present a standard login form (user name, password, and "submit" button). This information will be sent to "j_security_check" where the servlet engine will validate the user against an LDAP server and then look up some user role information. I have no control over user authentication. Once the user has logged in, the application will be looking at user roles to determine what elements of the JSF application they are permitted to access.
In addition, I need to be able to detect when the user's session has expired. When this occurs, I need to automatically reroute the user back to the login page. The prototype I inherited currently has all of the JSF backing beans check to see if the Session is still valid before executing any actions. This seems rather tedious and error-prone to me.
I am not very familiar with security and user authentication issues (somebody else always wrote that part). I think the approach I need to take is: (1) create a login page. (2) create a login error page. (3) create a filter to check to see if the user's session has expired and, if so, re-route the request to the login page.
My questions:
1. Is this the best approach? If not , what is a better approach?
2. Can I use JSF elements for the various login pages, or do I need to use JSP or HTML elements only?
3. Can you point me to an example or tutorial that explains what I need to do?
I've looked at a couple of servlet books, a JSF book, and Sun's online Java tutorials, but I don't see anything that looks quite like what I think I need to do here.
Once I get passed security handling, the rest of the application is all JSF and will be easy to build.
Thanks for your thoughts, comments, and assistance.

I have three macs and use one of them as the TM backup destination (that mac has 4 large external disks, I devote one disk at a TM backup for each of the macs) - that mac is also the file server. (I do also use an externally attached HD on one of the other macs as redundancy.) The system works very well and when set up requires no administration, it's automatic! Since the backups are made hourly, I have fresher data than my old system of doing nightly backups using a traditional backup app.
I even had to do a full restore last week on one of the macs and found the process worked flawlessly, had the mac up and running after the 2 hour restore finished.
For critical data (business or professional) I also recommend doing occasional boot disk backups using another backup app. I do that with one of my macs. Note: although I have wireless capability with each mac, I use wired Ethernet connections for speed and reliability.

Similar Messages

  • Help needed in writing installers for swing application

    Hi ,
    I want to write an installer for one of our home grown profiler tool. I need to write the installer for different platforms such as windows,linux,solaris,HP-UX.
    Does anybody have any idea of how to go ahead in writing installations. Share if there is any good links such as tutorials as well is thr any opensource tool (similar to installsheild) to write installers . As well following is the tentative algorithm for my install sheild
    1. Create a home dir for the tool and put all the application files in tht.
    2. Installing a 3rd party jar and make a home for it.
    3. Option for user to select the features(i hv 2 features. user can either select both or select individual feature) to be installed.
    4. Select the appserver home if any. On selection i hv to update the classpath in the startup batch file for the application(This is the toughest step i beleive bcoz each appserver have different folder structures and different startup batch files).

    Tried obtaining the output using SQL and the result is as follows:
    SQL> WITH T AS
      2  (
      3  SELECT 1 COL1 FROM DUAL
      4  UNION
      5  SELECT 2 COL1 FROM DUAL
      6  UNION
      7  SELECT 3 COL1 FROM DUAL
      8  UNION
      9  SELECT 4 COL1 FROM DUAL
    10  UNION
    11  SELECT 5 COL1 FROM DUAL
    12  UNION
    13  SELECT 8 COL1 FROM DUAL
    14  UNION
    15  SELECT 9 COL1 FROM DUAL
    16  UNION
    17  SELECT 10 COL1 FROM DUAL
    18  UNION
    19  SELECT 13 COL1 FROM DUAL
    20  UNION
    21  SELECT 14 COL1 FROM DUAL
    22  UNION
    23  SELECT 15 COL1 FROM DUAL
    24  UNION
    25  SELECT 16 COL1 FROM DUAL
    26  UNION
    27  SELECT 23 COL1 FROM DUAL
    28  UNION
    29  SELECT 24 COL1 FROM DUAL
    30  )
    31  SELECT OUTPUT FROM
    32  (
    33  SELECT DECODE(COL3,NULL,COL1, COL2)  || '-' || LEAD(DECODE(COL3,NULL,COL3, COL1)) OVER (ORDER BY DECODE(COL3,NULL,COL1, COL2)) OUTPUT  FROM
    34  (
    35  SELECT COL1, LEAD(COL1) OVER (ORDER BY COL1) COL2, LAG(COL1) OVER (ORDER BY COL1) COL3 FROM T
    36  )
    37  WHERE
    38  (COL2 - COL1 > 1 OR COL2 IS NULL OR COL3 IS NULL)
    39  )
    40  WHERE OUTPUT != '-';
    OUTPUT                                                                         
    1-5                                                                            
    8-10                                                                           
    13-16                                                                          
    23-24

  • How to include page fragment for JSF application deployed on WebSphere?

    Hi all,
    I have the following urgent JSF problem, I hope that you can support me in solving it;
    - I have JSF application need to be deployed on IBM WebSphere 6.0.1 Application Server.
    - I have the tag:
    <jsp:directive.include file="Actions.jspf"/>
    which includes a page fragment.
    - This is working file with Tomcat 5.5 & Sun Application Server 9, but it didn't work on WebSphere and each time the page fragment contents rendered as text, I mean that the JSF components in the fragment doesn't converted to html controls.
    Please help...
    Message was edited by:
    AHmadQ

    We use:
    <%@ include file="../WEB-INF/jspf/head.jspf" %>where the head.jspf is a jsp fragment like:
    <% response.addHeader("Cache-Control", "no-cache"); %>
    <% response.addHeader("Pragma", "no-cache"); %>
    <% response.addIntHeader("Expires", -1); %>
    <html>
    <head>
         <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
         <meta http-equiv="Pragma" content="no-cache" />
         <meta http-equiv="Expires" content="-1" />
         <title><%= pageTitle %></title>
         <link href="../style/style.css" rel="stylesheet" type="text/css" />
    </head>Cheers,
    Illu

  • How can I change the login page for an application

    Hello,
    I've created an application that uses some general login page (http://localhost:7777/pls/apex/wwv_flow_custom_auth_std.login_page).
    How can I make my application to use, by default, a custom Login page (in fact the 101 - Login page) ?
    Thank you.

    Create an authentication scheme using the wizard in the Application Builder. It will normally default to using page 101. If you need to edit the scheme, you can change 101 to something else.
    BTW, the procedure you named is not a login page and you should not use that procedure.
    Scott

  • Why do i need a credit card for all applications?

    Why won't apple let me buy my update if i have only itunes cards? I don't understand the point of using a credit card even for buying the applications? There still getting my money and I've read other posts and topics and other people are being aloud to buy it with there itunes money... Why can't I? That doesn't really seem fair to me and I've also read that people who've had there money in itunes for a longer period of time are able to pay with that but i added my money in yesterday... How long do i have to wait before i can give apple my money or do i have to use a credit card for all my purchases? By the way... I'm only 15 and can't get a credit card, So am i going to have to ask my parents if i can buy everything from itunes with there money and pay them back? Because i just wasted $20 on itunes. Thanks Apple

    Talked to Apple and apparently it's only a canadian problem and it has something to do with our government taxes. So that means that the only way to do it now is to have a credit card. That still makes no sense to me because we're aloud to purchase music and other items such as ipod games and there technically applications but apparently there not? And the stuff in the App Store is applications, Why can't i just buy my update?

  • I was on my mac when my charger stopped working. When I turned on my laptop again it was acting weird. Saying I needed to give permission for certain applications? Help!

    I was about to go on my computer as it was charging. My charger stopped working (it made a popping sound) and when i turned my computer on, it was acting a little strangely. The date was wrong and I had to "allow" or "deny" several applications. Why did this happen?

    From the menu bar, select
               ▹ System Preferences... ▹ Date & Time
    Select the Time Zone tab in the preference pane that opens and check that the time zone matches your location. Then select the Date & Time tab. Check that the data and time shown (including the year) are correct, and correct them if not.
    Check the box marked 
              Set date and time automatically
    if it's not already checked, and select one of the Apple time servers from the menu next to it.

  • Can we have two login screens for a particular application?

    I have an application which is sso enabled.
    Can i have another login screen, which doesnt authenticate SSO?

    I a nutshell, Yes you can have multiple login pages for one application. All you will need to do is specify which one you want to go to when you create the link to the application.
    E.g If you have an application number of 54321 and within this application you have 2 login pages number 101 and 111. You will need to use the following urls to access each one:
    http://server_name:port/pls/htmldb/f?p=54321:101
    http://server_name:port/pls/htmldb/f?p=54321:111
    I do not know about how SSO works with ApEx as I have never used it. But you can definitly have 2 separate login pages.
    Hope this helps,
    Cj

  • BOE-XI (R2) - Rename CMS name in Login Screen for CLUSTER

    BOE-XI (R2)
    Cluster with Two (2) physical servers side-by-side hosting all BOE services.
    Both Tomcat and IIS installed on both physical servers.
    We don't want the end-users of InfoView to see/know the underlying server names (eg. BOE_SERVER_1 and BOE_SERVER_2 ) in the URL for the CMC / InfoView - or in the CMS Name on the login screens for those applications.
    I assume that we can use some kind of DNS service in front of the website to mask that, but I don't know how we can "rename" it in the CMS name in Login Screen.
    What we want is to use a name like BOE_PROD for the URL path -  and for the CMS Name on the login screens for CMC / InfoView
    Anyone done this before...? Any documentation you can point me to...?
    Thanks in advance!
    Edited by: Mark Richardson on Oct 31, 2008 5:29 PM

    Here is one of my best findings on the matter.
    DNS ---
    The DNS bit is not documented but here is how I achieve this. The cluster configuration should be documented in the deployment or admin guide.
    For XIr2 to run with DNS, you need to add -port to the CMS, IFRS, OFRS and RAS (if you use crystal) - check the SAP notes to see because there are differeences between the CMS and other services for this. You will use the DNS name in this parameter instead of the hostname.
    From what you explained, you will need at least two DNS's
    In -port, use the dns name for the CMS (the DNS MUST match the IP address of the server where the CMS run if you want it to work)
    In EVERY services, you will need to change the -ns parameter to match the DNS name other registration will fail.
    Client tools will have to use the DNS or clustername.
    From my tests, DONT change -name. If you manage to do so, feel free to tell us more about it.
    --- Cluster name ---
    For that bit, I'll give the quick information, but the reference is the documentation.
    What follows is for tomcat. However, as stated above, the documentation explains pretty well how to achieve this for IIS too and you just need to replace hostname by fqdn in every bit that tells you how to configure this.
    For the name visible on the logon page on InfoView, it is in the web.xml Note: you can set the default name to the cluster name and even hide the CMS name if you want. (tomcat/webapps/businessobjects/enterprise115/desktoplaunch/web-inf/web.xml)
    The default value for the cms should be there, and a specific part is commented for the cluster names. If you want to use the clustername as the default value, you'll need to uncomment the part for it and fill in the required information (ClusterName and CMS DNS names) and then change the default value. This is required because Tomcat doesnt know how to resolve the clustername otherwise.
    Same thing goes for the CMC: (tomcat/webapps/businessobjects/enterprise115/adminlaunch/web-inf/web.xml)
    Restart Tomcat and BO and you have a fully DNS compliant BO server with a cluster name based on the DNS.
    Let us know how it goes.
    Cheers,

  • JavaFX as renderer for JSF view components

    I don;t know if I am asking the right question.
    Since javaFX has GUI components, Does sun provide JavaFX as a default renderer for JSF applications. Wouldn't that be cool say I define my view in some standard format and just configure a renderer in some xml and then with a magic, the UI is all based on JavaFX

    ejp wrote:
    So my question is primarily 'does this make sense?' Yes. I don't see why this wouldn't make sense.
    If so, secondly, does this imply I should/shouldn't use Facelets?For now on, it's recommend to start with it. It will be the default supported view technology as per JSF 2.0 and it offers much more advantages than the legacy JSP. Here's a nice document to start with: [https://facelets.dev.java.net/nonav/docs/dev/docbook.html].
    Thirdly, what else might I need in the stack?Maybe a 3rd party component library to take out the boring UI and ajaxical work from your hands. For example RichFaces.

  • Login to different J2EE applications

    Dear developers:
    How can we design the login process for J2EE applications, so that a user (who has already logged into one application) won't be required to log in again to the second application.
    The reason we are trying to do this, is because we have different application for different scope, such as Sales application and Purchasing application. Some users will be using both applications.
    I think, to achieve this, session information of one application must be carried to the second application. But...... it looks like SUN Servlet 2.1 spec won't allow this to happen.
    How can we design the systems, so the users will be required to login only once????
    Sincerely,
    Josh

    Can you have a single point of entry for both systems and then use controller classes to route the requests appropriately?
    Maybe when the user logs into the system you can bind some kind of user profile object to their session which will keep track of whether they are a sales application user or a purchasing application user or both. Then when the user submits a request, your single point of entry can apply the appropriate filters to ensure the user is accessing a page which they are entitled to view. If they do not have proper permissions then you can forward their request to some error page notifying them of their lack of privileges.
    Let me know if I can clarify this at all.
    Chris L.

  • Release Strategy for Contract is not getting picked whereas it is ok for PO

    Dear Experts,
    I have created release strategy for PO with doc type, p.org, net value as chars and frg_ekko as class and release group as 02.
    I kept NB,FO,MK and WK as char values. it is working fine for PO's whereas it is not getting picked for Contracts. we need same release strategy for PO as well as for Contract.
    Kindly resolve the issue.
    Satish

    S0004830404 wrote:
    Dear Experts,
    >
    > I have created release strategy for PO with doc type, p.org, net value as chars and frg_ekko as class and release group as 02.
    > I kept NB,FO,MK and WK as char values. it is working fine for PO's whereas it is not getting picked for Contracts. we need same release strategy for PO as well as for Contract.
    >
    > Kindly resolve the issue.
    >
    > Satish
    hi,
    use create other characteristic for value CEKKO-GNETW in this use the mk , wk values in value field and assign this characteristic to your class and save.
    Thanking you

  • Installer and icon for j9 application

    Hello there!
    I've done a j9 (personal profile for windows mobile) application and I wish to change the executable icon on the device. Additionally I'm in need of as installer for this application. Is it possible to build a cab file with both application and j9 to deploy on the taget device?
    many thanks!

    I would like to do exactly what you are describing, however I am not there yet since I just started the development of a Java on Pocket PC project.
    I did see reference to a tool by IBM called JXE which seems to wrap up a java app in a native executable for Pocket PC
    Check out their wirelss forum and you may find more details on this.
    http://www-128.ibm.com/developerworks/forums/dw_forum.jsp?forum=277&cat=9
    Jim

  • Need to submit request for revoke using API

    Hi,
    I need to submit request for revoke application instance using the OIM API, so that once the request is raised OIM approvals should get trigger.
    Could you please share some sample code to achieve this, I am able to raise the request for provisioning but facing issue while raising request for revoke.
    Thanks.

    Hi,
    Refer this : OIMService (Oracle Fusion Middleware Java API Reference for Oracle Identity Manager)
    Specify operation as RequestConstants.MODEL_REMOVE_ROLES_OPERATION
    Reference : RequestConstants (Oracle Fusion Middleware Java API Reference for Oracle Identity Manager)
    Thanks,
    Pallavi

  • Give access for REPORTING application

    hi gurus,
    we have PLANNING, REPORTING AND RATE applications in our application set
    one of my user able to access PLANNING application when he/she interface with excel
    now I need to give access for REPORTING application
    can anyone help what settings I have to set at SECURITY node
    Thanks,
    M.Munichandra babu

    Hi,
    You will have to go to the Member Access Profile that is related to that particular user and give access to the required application.
    Karthik AJ

  • Lenovo NeXtScale N1200 Enclosure is a customized solutions for your applications

    QuestionDo you need a customized solutions for your applications?
    AnswerLenovo NeXtScale N1200 Enclosure is a customized solutions for your applications that can be configured to meet your specific business needs. Lenovo NeXtScale N1200 Enclosure is the best solution for optimum compute power, GPU acceleration, maximum compute power, GPU or coprocessor and storage with the right I/O and networking. Since the NeXtScale platform is optimized for standard racks, it allows the mixing of high-density NeXtScale server offerings and non NeXtScale components within the same cluster rack. Lenovo NeXtScale System is comprised of compute nodes and chassis. The compute node is the nx360 M5 and the chassis the n1200 Enclosure.  The chassis can house up to 12 half-wide nx360 M4 and nx360 M5 nodes. The Lenovo n1200 enclosure is a light chassis without integrated networking or switching. As a result, no chassis-level management is required.  The nodes in the chassis with front access cabling would connect to top-of-rack switches installed in the same rack. Lenovo NeXtScale System is the data center solution for clients who are facing challenges such as physical space, budget, and low productivity due to late production readiness. Lenovo delivers NeXtScale, a dense platform that not only is cost optimized but also provides tremendous time to value by helping clients get on-board more quickly.

    Thanks for the suggestion.
    One concern I have is this package is developed for v12.0. According to SAP, these action blocks will work in 12.1 but not in 12.2. I've tried to install it on 12.2. The configuration dialog are not working properly.
    Have anybody succefully implemented this package on 12.2?
    Best regards,
    Arnold
    Edited by: Brad Arnold on Mar 2, 2012 11:53 PM
    Edited by: Brad Arnold on Mar 2, 2012 11:55 PM

Maybe you are looking for