Security with jsf
Hello,
my website has 5 roles groups and each one can access to differents pages.
How can i forbid the access to pages of the role group 1 to the others?
In fact, a bean has a "level" variable which contain the role group of the user.
I would like to test this value and if it is the good one, give access.
Otherwise, i would like to redirect the user to the login page
Thx u in advance !
PS: All is made with JSF
Hi
Put this in Ur web.xml
<filter>
<filter-name>SecurityFilter</filter-name>
<filter-class>adjuvant.poa.util.SecurityFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SecurityFilter</filter-name>
<url-pattern>*.jsf</url-pattern>
</filter-mapping>
here is ur security class
adjuvant.poa.util.SecurityFilter
* [email protected]
package adjuvant.poa.util;
import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Iterator;
import java.util.Set;
import java.util.HashSet;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import adjuvant.poa.jsf.backingbeans.UserBean;
* This Filter class handle the security of the application.
* <p>
* It should be configured inside the web.xml.
public class SecurityFilter implements Filter {
//the login page uri
private static final String LOGIN_PAGE_URI = "login.jsf";
private static final String ADMIN_LOGIN_PAGE_URI = "../login.jsf";
private static final String USER_BEAN = "nurse";
//the logger object
private Log logger = LogFactory.getLog(this.getClass());
//a set of restricted resources
private Set restrictedResources;
* Initializes the Filter.
public void init(FilterConfig filterConfig) throws ServletException {
this.restrictedResources = new HashSet();
this.restrictedResources.add("/assessment.jsf");
this.restrictedResources.add("/patients.jsf");
this.restrictedResources.add("/anesthetic.jsf");
this.restrictedResources.add("/baseline.jsf");
this.restrictedResources.add("/drugs.jsf");
this.restrictedResources.add("/endocrine.jsf");
this.restrictedResources.add("/haematological.jsf");
this.restrictedResources.add("/labwork.jsf");
this.restrictedResources.add("/medication.jsf");
this.restrictedResources.add("/neurologocal.jsf");
this.restrictedResources.add("/newpatient.jsf");
this.restrictedResources.add("/patientdetails.jsf");
this.restrictedResources.add("/renal.jsf");
this.restrictedResources.add("/respiratory.jsf");
this.restrictedResources.add("/riskassessment.jsf");
this.restrictedResources.add("/summary.jsf");
this.restrictedResources.add("/minimalquestions.jsf");
//admin Pages
this.restrictedResources.add("/admin/admin.jsf");
this.restrictedResources.add("/admin/drugs.jsf");
this.restrictedResources.add("/admin/drugs.jsf");
this.restrictedResources.add("/admin/editdrugs.jsf");
this.restrictedResources.add("/admin/nurses.jsf");
this.restrictedResources.add("/admin/newnurse.jsf");
this.restrictedResources.add("/admin/transaction.jsf");
* Standard doFilter object.
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
this.logger.debug("doFilter");
String contextPath = ((HttpServletRequest)req).getContextPath();
String requestUri = ((HttpServletRequest)req).getRequestURI();
this.logger.debug("contextPath = " + contextPath);
this.logger.debug("requestUri = " + requestUri);
if (this.contains(requestUri, contextPath) && !(requestUri.contains("admin") ? this.authorizeAdmin((HttpServletRequest)req) : this.authorize((HttpServletRequest)req))) {
this.logger.debug("authorization failed");
((HttpServletRequest)req).getRequestDispatcher(LOGIN_PAGE_URI).forward(req, res);
else {
this.logger.debug("authorization succeeded");
chain.doFilter(req, res);
public void destroy() {}
private boolean contains(String value, String contextPath) {
Iterator ite = this.restrictedResources.iterator();
while (ite.hasNext()) {
String restrictedResource = (String)ite.next();
if ((contextPath + restrictedResource).equalsIgnoreCase(value)) {
return true;
return false;
private boolean authorize(HttpServletRequest req) {
UserBean user = (UserBean)req.getSession().getAttribute(USER_BEAN);
if (user != null ) {
//user logged in
return true;
else {
return false;
private boolean authorizeAdmin(HttpServletRequest request) {
UserBean user = (UserBean)request.getSession().getAttribute(USER_BEAN);
if (user != null && user.getUserId() != null && user.getUserId().equals("admin") ) {
//user logged in
return true;
else {
return false;
}
Similar Messages
-
Linking secure html link with JSF?
Hey all,
I do have a previous post regarding j_security_check and using container based security, but since this problem could be answered without it, checking to see how (j_security_check: http://swforum.sun.com/jive/thread.jspa?threadID=54464&tstart=0).
I want to be able to e-mail links with pre-populated attributes (identifiers, dates, what have you) but still have the link secure and require auth. But, I do want to automatically go to that linked page after auth. How does one do this with JSF?
thanks,
-DHi,
Please go through the below thread:
http://swforum.sun.com/jive/thread.jspa?forumID=123&threadID=50520
Hope this helps.
Thanks,
RK. -
Application not working with JSF 1.2
I am new to JSF. I am trying to create a sample application with JSF 1.2. I am using weblogic 10.0. I have followed the instructions give in the whitepaper to configure JSF 1.2.
http://download.oracle.com/technology/products/weblogic/portal/weblogic-portal-jsf-whitepaper.pdf
Deployment descriptor contains following content.
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>AlfaInsPortalWebApp</display-name>
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>server</param-value>
<!--<description>
State saving method: "client" or "server" (= default)
See JSF Specification 2.5.2
</description>-->
</context-param>
<listener>
<listener-class>com.sun.faces.config.ConfigureListener</listener-class>
</listener>
<servlet>
<servlet-name>faces</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>faces</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>faces</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsf</welcome-file>
<welcome-file>index.faces</welcome-file>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
</web-app>
Weblogic.xml contains reference to following libraries
<?xml version="1.0" encoding="UTF-8"?>
<wls:weblogic-web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wls="http://www.bea.com/ns/weblogic/90" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd http://www.bea.com/ns/weblogic/90 http://www.bea.com/ns/weblogic/90/weblogic-web-app.xsd">
<wls:container-descriptor>
<wls:prefer-web-inf-classes>true</wls:prefer-web-inf-classes>
</wls:container-descriptor>
<wls:context-root>AlfaInsPortalWebApp</wls:context-root>
<wls:library-ref>
<wls:library-name>jstl</wls:library-name>
<wls:specification-version>1.2</wls:specification-version>
<wls:exact-match>true</wls:exact-match>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-tools-visitor-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-tools-framework-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-commonui-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-framework-full-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-clipper-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-lookandfeel-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-rest-full-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-framework-rest-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-rest-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-light-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-wsrp-producer-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-framework-common-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-framework-struts-1.2-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>struts-1.2</wls:library-name>
<wls:specification-version>1.2</wls:specification-version>
<wls:exact-match>true</wls:exact-match>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>wlp-services-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>content-management-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>beehive-netui-1.0.1-10.0</wls:library-name>
<wls:specification-version>1.0</wls:specification-version>
<wls:exact-match>true</wls:exact-match>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>beehive-netui-resources-1.0.1-10.0</wls:library-name>
<wls:specification-version>1.0</wls:specification-version>
<wls:exact-match>true</wls:exact-match>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>p13n-web-lib</wls:library-name>
<wls:specification-version>10.2.0</wls:specification-version>
<wls:implementation-version>10.2.0</wls:implementation-version>
</wls:library-ref>
<wls:library-ref>
<wls:library-name>jsf</wls:library-name>
<wls:specification-version>1.2</wls:specification-version>
<wls:implementation-version>1.2.3.1</wls:implementation-version>
</wls:library-ref>
</wls:weblogic-web-app>
When i start the application server following logs were obtained
Apr 9, 2010 7:09:32 AM com.sun.faces.config.ConfigureListener contextInitialized
INFO: Initializing Sun's JavaServer Faces implementation (1.2_03-b04-FCS) for context '/SampleJSF'
Apr 9, 2010 7:09:33 AM com.sun.faces.config.ConfigureListener contextInitialized
INFO: Completed initializing Sun's JavaServer Faces implementation (1.2_03-b04-FCS) for context '/SampleJSF'
Apr 9, 2010 7:09:33 AM com.sun.faces.config.ConfigureListener contextInitialized
INFO: Initializing Sun's JavaServer Faces implementation (1.2_03-b04-FCS) for context '/SampleJSF'
Apr 9, 2010 7:09:33 AM com.sun.faces.config.ConfigureListener contextInitialized
INFO: Completed initializing Sun's JavaServer Faces implementation (1.2_03-b04-FCS) for context '/SampleJSF'
When i invoke the application I get the following error.
java.lang.NoSuchMethodError: initView
at com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:92)
at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:248)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:117)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:197)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:226)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:124)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3393)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2140)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2046)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:200)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:172)
Please help me in configuring JSF 1.2.If you are new to JSF, then I'd try and simplify the environment in which you are working as the first step to achieving a successful outcome.
JSF 1.2 is a certified and well tested component of WLS, so we know it works. I'm not sure of the effect of all those additional modules you are adding in there -- it appears as if you have gotten a Faces implementation instantiated, but there could be some form of version difference/conflict since it can't find a method its looking for.
Using Oracle Enterprise Pack for Eclipse (http://www.oracle.com/technology/software/products/oepe/oepe_11115.html) you can build yourself out a pretty simple JSF application to get started from and deploy it to a WLS server. This would remove all the additional libraries you currently have, provide you with a bundled applicaton to deploy and give you a pretty good environment from which you can learn and experiment with JSF.
-steve- -
Problem using Tomahawk tree2 with JSF RI 1.1
Hello,
When I try to run Tomahawk tree2 component on JSF RI 1.1 I am getting the following exception.
java.lang.IllegalStateException: Duplicate component ID 'billsearch:billSearchForm:NewTabadvanceSearch:subTabOne:clientTree:t2c' found in view.
at com.sun.faces.application.StateManagerImpl.removeTransientChildrenAndFacets(StateManagerImpl.java:191)
at com.sun.faces.application.StateManagerImpl.removeTransientChildrenAndFacets(StateManagerImpl.java:199)
at com.sun.faces.application.StateManagerImpl.removeTransientChildrenAndFacets(StateManagerImpl.java:181)
at com.sun.faces.application.StateManagerImpl.removeTransientChildrenAndFacets(StateManagerImpl.java:181)
at com.sun.faces.application.StateManagerImpl.removeTransientChildrenAndFacets(StateManagerImpl.java:181)
at com.sun.faces.application.StateManagerImpl.removeTransientChildrenAndFacets(StateManagerImpl.java:181)
at com.sun.faces.application.StateManagerImpl.removeTransientChildrenAndFacets(StateManagerImpl.java:181)
at com.sun.faces.application.StateManagerImpl.removeTransientChildrenAndFacets(StateManagerImpl.java:181)
at com.sun.faces.application.StateManagerImpl.removeTransientChildrenAndFacets(StateManagerImpl.java:181)
at com.sun.faces.application.StateManagerImpl.saveSerializedView(StateManagerImpl.java:85)
at org.ajax4jsf.framework.ajax.AjaxStateManager.saveSerializedView(AjaxStateManager.java:90)
at com.sun.faces.taglib.jsf_core.ViewTag.doAfterBody(ViewTag.java:169)
at jsp_servlet._pages.__billsearchinit._jspService(__billsearchinit.java:156)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:223)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:500)
at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:245)
at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:322)
at com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:130)
at org.ajax4jsf.framework.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:108)
at org.ajax4jsf.framework.ajax.AjaxViewHandler.renderView(AjaxViewHandler.java:229)
at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:87)
at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:200)
at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:117)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:198)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:223)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:501)
at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:245)
at weblogic.servlet.jsp.PageContextImpl.forward(PageContextImpl.java:148)
at jsp_servlet.__index._jspService(__index.java:101)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:223)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:147)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3243)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2003)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1909)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1359)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)Any help would be highly appreciated. I have tried setting my own id's to each and every component. But this throws me a different error and it doesn't let me set the id's manually. The error message is:
Error 500--Internal Server Error
java.lang.IllegalArgumentException: 1
at javax.faces.component.UIComponentBase.validateId(UIComponentBase.java:462)
at javax.faces.component.UIComponentBase.setId(UIComponentBase.java:279)
at javax.faces.webapp.UIComponentTag.createComponent(UIComponentTag.java:1016)
at javax.faces.webapp.UIComponentTag.createFacet(UIComponentTag.java:1059)
at javax.faces.webapp.UIComponentTag.findComponent(UIComponentTag.java:740)
at javax.faces.webapp.UIComponentTag.doStartTag(UIComponentTag.java:429)
Any help or hint on solving this problem is highly appreciated.
Thanks in adv.
~SirGRichfaces is compatible with JSF 1.1 and 1.2 and also with great ui part
but it may conflict with the other tomahawk component and filters -
Upgrading to weblogic 12c issue with JSF
Migrating to the Weblogic 12c faced so many issue with the shared class library. After fixing all the issue stuck with JSF and on google everywhere it was mentioned error happening due to multiple JSF version colliding.
My whole application works like a charm in 10.3.6 but same app not working after updating the spring 4 and hibernate 4.
This is the error I am receiving below errors ...
<javax.enterprise.resource.webcontainer.jsf.application> <BEA-000000> <JSF1029: The specified InjectionProvider implementation 'com.bea.faces.WeblogicInjectionProvider' does not implement the InjectionProvider interface. >
1. Cause: Unable to create a new instance of 'org.springframework.web.jsf.DelegatingVariableResolver': javax.faces.FacesException: org.springframework.web.jsf.DelegatingVariableResolver
2. Cause: Unable to create a new instance of 'org.springframework.web.jsf.DelegatingVariableResolver': javax.faces.FacesException: org.springframework.web.jsf.DelegatingVariableResolver
at com.sun.faces.config.processor.AbstractConfigProcessor.createInstance(Unknown Source)
at com.sun.faces.config.processor.ApplicationConfigProcessor.addVariableResolver(Unknown Source)
at com.sun.faces.config.processor.ApplicationConfigProcessor.process(Unknown Source)
at com.sun.faces.config.processor.AbstractConfigProcessor.invokeNext(Unknown Source)
at com.sun.faces.config.processor.LifecycleConfigProcessor.process(Unknown Source)
Truncated. see log file for complete stacktrace
Caused By: javax.faces.FacesException: org.springframework.web.jsf.DelegatingVariableResolver
at com.sun.faces.config.processor.AbstractConfigProcessor.loadClass(Unknown Source)
at com.sun.faces.config.processor.AbstractConfigProcessor.createInstance(Unknown Source)
at com.sun.faces.config.processor.ApplicationConfigProcessor.addVariableResolver(Unknown Source)
at com.sun.faces.config.processor.ApplicationConfigProcessor.process(Unknown Source)
at com.sun.faces.config.processor.AbstractConfigProcessor.invokeNext(Unknown Source)
Truncated. see log file for complete stacktrace
Caused By: java.lang.ClassNotFoundException: org.springframework.web.jsf.DelegatingVariableResolver
at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:297)
at weblogic.utils.classloaders.GenericClassLoader.findClass(GenericClassLoader.java:270)
at weblogic.utils.classloaders.ChangeAwareClassLoader.findClass(ChangeAwareClassLoader.java:64)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
Truncated. see log file for complete stacktrace
3. ]] Root cause of ServletException.
java.lang.IllegalStateException: Could not find backup for factory javax.faces.context.FacesContextFactory.
at javax.faces.FactoryFinderInstance.getFactory(Unknown Source)
at javax.faces.FactoryFinder.getFactory(Unknown Source)
at javax.faces.webapp.FacesServlet.init(Unknown Source)
at weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHelper.java:299)
at weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHelper.java:250)
Truncated. see log file for complete stacktrace
4.Error> <javax.faces> <BEA-000000> <Application was not properly initialized at startup, could not find Factory: javax.faces.application.ApplicationFactory. Attempting to find backup.>
<Error> <javax.enterprise.resource.webcontainer.jsf.config> <BEA-000000> <Unexpected exception when attempting to tear down the Mojarra runtime
java.lang.IllegalStateException: Could not find backup for factory javax.faces.application.ApplicationFactory.
at javax.faces.FactoryFinder$FactoryManager.getFactory(FactoryFinder.java:1010)
at javax.faces.FactoryFinder.getFactory(FactoryFinder.java:342)
at com.sun.faces.config.InitFacesContext.getApplication(InitFacesContext.java:141)
at com.sun.faces.config.ConfigureListener.contextDestroyed(ConfigureListener.java:314)
at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:583)
Truncated. see log file for complete stacktrace
I had the classloader from weblogic but unable to find if there is anything related with Multiple JSF versions colliding. Here is the classloader log
**System Classloaders**
Type: sun.misc.Launcher$ExtClassLoader
HashCode: 1956433926
Classpath:
/C:/Java/jdk1.7.0_45/jre/lib/ext/access-bridge-64.jar
/C:/Java/jdk1.7.0_45/jre/lib/ext/dnsns.jar
/C:/Java/jdk1.7.0_45/jre/lib/ext/jaccess.jar
/C:/Java/jdk1.7.0_45/jre/lib/ext/localedata.jar
/C:/Java/jdk1.7.0_45/jre/lib/ext/sunec.jar
/C:/Java/jdk1.7.0_45/jre/lib/ext/sunjce_provider.jar
/C:/Java/jdk1.7.0_45/jre/lib/ext/sunmscapi.jar
/C:/Java/jdk1.7.0_45/jre/lib/ext/zipfs.jar
Type: sun.misc.Launcher$AppClassLoader
HashCode: 345487281
Classpath:
/C:/Oracle12c/Middleware/modules/features/weblogic.server.modules_12.1.1.0.jar
/C:/Oracle12c/Middleware/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar
/C:/Oracle12c/Middleware/modules/org.apache.ant_1.7.1/lib/ant-all.jar
/C:/Oracle12c/Middleware/patch_ocp371/profiles/default/sys_manifest_classpath/weblogic_patch.jar
/C:/Oracle12c/Middleware/patch_wls1211/profiles/default/sys_manifest_classpath/weblogic_patch.jar
/C:/Oracle12c/Middleware/wlserver_12.1/common/derby/lib/derbyclient.jar
/C:/Oracle12c/Middleware/wlserver_12.1/server/lib/weblogic.jar
/C:/Oracle12c/Middleware/wlserver_12.1/server/lib/weblogic_sp.jar
/C:/Oracle12c/Middleware/wlserver_12.1/server/lib/webservices.jar
/C:/Oracle12c/Middleware/wlserver_12.1/server/lib/xqrl.jar
/C:/Program%20Files/Java/jdk1.7.0_45/lib/tools.jar
Type: weblogic.utils.classloaders.GenericClassLoader
HashCode: 1277718374
Classpath:
**Application Classloaders**
Type: weblogic.utils.classloaders.FilteringClassLoader
HashCode: 929366372
Filter: [antlr.*, antlr.collections.*, antlr.collections.impl.*, antlr.debug.misc.*, com.sun.activation.*, com.sun.istack.*, com.sun.mail.*, com.sun.xml.*, org.apache.commons.*, org.joda.time.*, org.apache.xalan.*, org.apache.xml.*, org.apache.wml.*, org.apache.xerces.*, org.apache.xpath.*, com.ctc.wstx.*, org.slf4j.*, javax.faces.*, com.sun.faces.*, com.bea.faces.*, com.sun.el.*, javax.el.*, javassist.*]
Classpath: empty
Type: weblogic.utils.classloaders.GenericClassLoader
HashCode: 2137066604
Classpath:
**Type: weblogic.utils.classloaders.FilteringClassLoader**
HashCode: 1212049573
Filter: []
Classpath: empty
Type: weblogic.utils.classloaders.ChangeAwareClassLoader
HashCode: 1604673952
Classpath:
C:\s-ear-1.0-SNAPSHOT_4
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\classes
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\FastInfoset-1.2.12.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\_wl_cls_gen.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\acegi-security-1.0.7.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\activation-1.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\activation.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\antlr-2.7.7.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\aopalliance-1.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\aspectjrt-1.8.5.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\aspectjweaver-1.8.5.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\backport-util-concurrent-3.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\bcprov-jdk16-140.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\cacauth-2.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\camel-core-2.5.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\camel-josql-2.5.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\caps-handshake-3.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\caps2-liquibase-1.0-SNAPSHOT.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\caps2domain-1.0-SNAPSHOT.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\caps2util-1.0-SNAPSHOT.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\cloning-1.7.4.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\commons-beanutils-1.8.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\commons-codec-1.9.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\commons-collections-3.2.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\commons-dbcp-1.4.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\commons-digester-2.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\commons-httpclient-3.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\commons-io-1.4.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\commons-lang-2.4.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\commons-logging-1.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\commons-logging-api-1.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\commons-management-1.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\commons-pool-1.5.4.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\dom4j-1.6.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\gentlyweb-utils-1.5.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\hibernate-commons-annotations-4.0.4.Final.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\hibernate-core-4.2.18.Final.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\hibernate-entitymanager-4.2.18.Final.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\hibernate-jpa-2.0-api-1.0.1.Final.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\hibernate-validator-4.2.0.Final.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\icefaces-3.2.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\icefaces-ace-3.2.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\icefaces-compat-3.2.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\icepush-3.2.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\itext-4.2.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\itextpdf-5.0.6.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jackson-core-asl-1.9.9.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jackson-core-lgpl-1.9.9.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jackson-mapper-asl-1.9.9.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jasperreports-ca-4.8.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\javassist-3.18.2-GA.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\javax.el-api-2.2.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\javax.faces-2.2.9.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\javax.inject-1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jax-qname.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jaxb-api-2.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jaxb-api.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jaxb-impl-2.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jaxb1-impl.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jaxp-api.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jaxws-api-2.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jboss-archive-browsing-5.0.0alpha-200607201-119.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jboss-logging-3.1.3.GA.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jboss-logging-annotations-1.2.0.Beta1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jboss-transaction-api_1.1_spec-1.0.1.Final.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jcl-over-slf4j-1.5.2.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jersey-bundle-1.18.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\joda-time-2.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\joda-time-hibernate-1.3.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\josql-1.5.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\josql-2.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\json-20140107.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jsr173_1.0_api.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jsr250-api-1.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jsr311-api-1.1.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jstl-1.2.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\jta-1.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\log4j-1.2.14.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\mail-1.4.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\mail.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\objenesis-1.2.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\opencsv-1.7.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\oro-2.0.8.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\portlet-api-2.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\primefaces-3.4.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\quartz-1.8.4.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\saaj-api-1.3.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\saaj-api.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\saaj-impl.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\serializer-2.7.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\serializer.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\service-1.0-SNAPSHOT.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\servlet.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\slf4j-api-1.5.2.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\slf4j-log4j12-1.5.2.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-aop-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-aspects-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-beans-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-context-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-context-support-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-core-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-expression-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-jdbc-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-jms-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-orm-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-oxm-3.0.5.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-security-core-4.0.0.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-tx-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-web-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-webmvc-4.0.9.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-ws-core-2.0.0.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-ws-security-2.0.0.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\spring-xml-2.0.0.RELEASE.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\stax-api-1.0-2.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\3capture-1.0.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\s-beans-1.0-SNAPSHOT.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\usertype.core-3.1.0.CR10.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\usertype.jodatime-1.9.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\usertype.spi-3.1.0.CR10.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\validation-api-1.0.0.GA.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\wss4j-1.5.8.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\xalan-2.7.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\xercesImpl-2.8.1.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\xercesImpl.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\xml-apis.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\xmldsig.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\xmlsec-1.4.3.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\xmlsec.jar
C:\s-ear-1.0-SNAPSHOT_4\war\WEB-INF\lib\xws-security-3.0.jar
jsf myfaces weblogic1
Here are links for more details.
http://stackoverflow.com/questions/29857571/weblogic-12c-java-lang-illegalstateexception-could-not-find-backup-for-factory
http://www.coderanch.com/t/649308/JSF/java/Faces-Servlet-failed-preload-startup
Sorry incase question not formatted. Any suggestions appreciated.hi.
I had faced this behavior on weblogic 12c(12.1.1).
Maybe This problem was solved by 12.1.2.
But, when text item submitted together with a upload file, multibyte characters was garbage characters.
See Multibyte character was garbage characters, when multipart requested (Multipartリクエストで文字化けが発生する) on WebLogic12(12.1.2.0) -
My question is pretty broad, so I'm just looking for a general answer.
What is the standard (or most common) approach to authentication and authorization in JSF?
1) At one instance, some time ago, I was utilizing a simple declarative, form-based, container-managed login mechanism in Tomcat (with DataSource/JDBCRealm), but that made me do some acrobatics with redirections because the container did all the checks and never gave me a chance to grab the details typed by the user... so, in the end, it turned out to be more of a hack than an actual way to do security.
2) I also keep reading that people turn to Spring security (Acegi). This seems like a good idea, but it's hard to believe that JSF does not have it's own security mechanism.
3) JAAS also comes to mind, especially after seeing the JAASRealm implementation on Tomcat, but this is Tomcat specific and requires a self-implemented LoginModule and Principal...
4) I also see some third-party libraries like jGuard that seem pretty decent (first-look impression), but still, that's hardly the norm.
So I am at loss now, how is security "supposed" to be done is JSF? Is it usually vendor specific? Any insight will be greatly appreciated!jadespirit wrote:
My question is pretty broad, so I'm just looking for a general answer.
What is the standard (or most common) approach to authentication and authorization in JSF?To start, authentication and authorization should not be tight coupled to JSF. JSF is just a component based MVC framework which can run on top of JSP/Servlet. Security is to be done at lower level, in the JSP/Servlet API.
1) At one instance, some time ago, I was utilizing a simple declarative, form-based, container-managed login mechanism in Tomcat (with DataSource/JDBCRealm), but that made me do some acrobatics with redirections because the container did all the checks and never gave me a chance to grab the details typed by the user... so, in the end, it turned out to be more of a hack than an actual way to do security.In JSF you can just get the underlying HttpServletRequest by ExternalContext#getRequest(), which on its turn provides methods to get details about the logged in user.
2) I also keep reading that people turn to Spring security (Acegi). This seems like a good idea, but it's hard to believe that JSF does not have it's own security mechanism.JSF is not comparable with Spring.
3) JAAS also comes to mind, especially after seeing the JAASRealm implementation on Tomcat, but this is Tomcat specific and requires a self-implemented LoginModule and Principal...Realm is not appserver specific.
4) I also see some third-party libraries like jGuard that seem pretty decent (first-look impression), but still, that's hardly the norm.No wording about this as I don't have experience with them.
So I am at loss now, how is security "supposed" to be done is JSF? Is it usually vendor specific? Any insight will be greatly appreciated!Realm is good. You can also decide to homegrow a simple one yourself. Have a database with users, have a loginbean which puts the logged in user in session, have a Filter which checks the logged in user. In JSF you can if necessary just use EL to access the logged in user in session. -
Unable to connect SQL server 2005 databse with JSF applications !
Hello guys!
Help me out to connect SQL server 2005 Databse with JSF applications using JDBC-ODBC bridge. I'm working with Netbeans 6.1 IDE.
I tried for the basic applications but instead got this error:
"unable to deploy jdbc drivers to the <project>domain/lib"
Please help me out with working sample codes that connects MS SQL server 2005 DB with JSF!!
Thank you guys!1) don't use the bridge driver
2) don't do database access from JSF
3) learn how to use your application server
4) learn how to use your IDE -
Web Service Security with SAML - Invalid XML signature
Hello together,
we want to build a scenario where we want to use Web Service Security with SAML.
The scenario will be
WS Client (Java Application) -> WS Adapter -> Integration Engine -> WS Adapter-> CRM (Web AS ABAP 7.01 SP 3)
SAP PI release is 7.11 (SP Level 4)
We want to use the SAML Authentification from WS Client to PI and from PI to Web AS ABAP.
The SAML authentifications between the WS Client and PI works when there is no SAML auth between PI and CRM.
But we get following error at calling the CRM system when we want to communicate with SAML:
<E_TEXT>CX_WS_SECURITY_FAULT:Invalid XML signature</E_TEXT>
Has somebody an idea of the possible reason for the error.
Thanks in advance
StefanError Messages in the Trace/Log Viewer:
CX_WS_SECURITY_FAULT : Invalid XML signature | program: CL_ST_CRYPTO==================CP include: CL_ST_CRYPTO==================CM00G line: 48
A SOAP Runtime Core Exception occurred in method CL_ST_CRYPTO==================CM00G of class CL_ST_CRYPTO==================CP at position id 48 with internal error id 1001 and error text CX_WS_SECURITY_FAULT:Invalid XML signature (fault location is 1 ).
Invalid XML signature -
How can I make a navigation dependend on the database content with JSF?
Hi,
I want to navigate dynamicly between pages, but pages which addresses that are taken from database. I want to take a list of page's addresses (links) from database, and while application is running, I want to generate on my page that working links. This is functionality demanded by my little CMS (Content Management System), to enable me to add and delete pages and links between them.
But is it possible by JSF?
As far as I could find out, JSF provides such possibilities (faces-config.xml) :
<navigation-rule>
<from-view-id>/logon.jsp</from-view-id>
<navigation-case>
<from-action>#{LogonForm.logon}</from-action> /*logon - function returning String as an 'outcome'*/
<from-outcome>success</from-outcome> /*outcome*/
<to-view-id>/storefront.jsp</to-view-id> /*concrete page*/
</navigation-case>I need something like that:
<navigation-rule>
<from-view-id>/logon.jsp</from-view-id>
<navigation-case>
<from-action>#{WhichPage.address</from-action> /*different pages' addresses
<from-outcome></from-outcome> /*outcome not needed*/
<to-view-id>#{WhichPage.address}</to-view-id> //different pages' addresses from db
</navigation-case>or just function which return directly the address of the target page (read from db). But is it possbile with JSF?
So far only figured out one not good enough way: to add all the pages' addresses to the faces-config.xml file:( But as you can imagine, the more link I would add, the bigger mess in config file I would create.
Thanks in advance for any suggestion or advice,
Regards.
T.K.You can implement a NavigationHandler
public class NavigationManager extends NavigationHandler {
private NavigationHandler _base;
public NavigationManager(NavigationHandler base)
super();
_base = base;
public void handleNavigation(FacesContext context, String actionMethod, String actionName) {
// Put some code here, you can create a NavigationCase and a NavigationRule
// with RuntimeConfig runtimeConfig = RuntimeConfig.getCurrentInstance(externalContext);
_base.handleNavigation(context, actionMethod, actionName);
} -
Not able to create a web project with jsf or jsp or struts or spring
Hi,
I am trying to create a dynamic web project with jsf or jstl or struts or spring or any of web options available for a web project, but I am not able to do it.
When I choose any of these options, the wizard asks me to "select an existing jstl/jsf/Spring 2.0 library, or click Add to add a new library." and since it doesn't show any existing libraries there, I clicked on add new library. When I click add, it opens a new dialog box where it has two options :
1. to use spring/jstl/jsf lib from bea web site - when I choose this option, it tries to connect to the bea web site and gives me error that "connect time out". I don't know why it is not able to connect to the internet. I am not able to see the help also. There it gives error "The requested URL could not be retrieved".
2. to use libraries from an existing spring installation - I provide the path of a directory where spring lib are, but then it gives me error that this is not a valid installation.
On another machine, I am able to see the help contents, but still not able to get these libraries from the bea site.
Please help.
Thanks in advance,
SushmaHi Sushma,
The issue you are facing has been addressed and will be part of the next release. For the current release, please follow the steps listed below.
Send an email to [email protected] with details on specific facets you are trying to enable on your project.
You will be provided with a url where you can download the required jars and details on how to manually add the jars to the workspace which will prevent the download on demand scenario.
Cheers
Raj -
How to integrate a java script date picker with jsf?
Hi I have a javascript data picker which I want to integrate with a text tield.. that is <jsf:inputtext tag...
I know about onlclick .. but I am more interested in knowing .. how will the java script set date into that input text field.. i mean how will it recognize the field..Pass the input element as 'this' reference to the JS function?onclick="doSomething(this);"This has not much to do with JSF though.
-
Is there a way to print a pdf, which is secured with password?
I want to know a way to print pdf which is secured with password to print without throwing a error ?
Instead it has to ask for a password and print..we need to have an associated application installed in the system for that particular fileYup.
does javax.print api works for pdf files and word documents?Nope.
There is something called (I think) iText which can handle PDF documents. No idea whether it includes a printing facility or not.
db -
Need Suggestion on including JSTL Tags with JSF
Hi..All....
I need some suggestions.. i Started doing a project in JSF.. i am new to JSF...
I Developed some part of the project in Struts.. but now.. our clinet says... The Application Has to go
with JSF.so.. started redesigning again....
Can i use JSTL...where ever i want....when i am developing a JSF Application...
Please suggest..me...
Thanks.. for the Help..
ArthiI am freely mixing jstl and jsf in my project using:
JSTL RI 1.2
JSF RI 1.2
Tomcat 6
i am mixing c:forEach and h: tags successfully, which i needed for some javascript functionality that i could not do with data table. but stick to JSF wherever possible! -
Is there a way to view Flash videos on my iMac without downloading Adobe Flash Player? I'm concerned about performance and security with Adobe Flash Player.
If the video is only available in a format that requires Flash player : then no.
However, a great many can also be viewed in an HTML5 version, in which case http://hoyois.github.io/safariextensions/clicktoplugin/ or similar can be set up so that Flash never runs unless you specifically choose it to. -
Hi
I am new to flex and i have a knowledge on jsf .We got a requriment to integrate the flex with jsf .
I googled and i developed the sample application using the fiji (Exadel ) .
When i an running the application in the jboss I GOT EMPTY page then after deselecting the check box of 'blockjavascript' in the browser
am able to see the swf file in the page
can any one help me..
My Project
The mxml
<?xml version="1.0" encoding="utf-8"?>
<mx:Application xmlns:mx="http://www.adobe.com/2006/mxml" layout="absolute" width="1024" height="715" xmlns:ns1="*">
<mx:Form x="22" y="47" width="1200" height="680">
</mx:Form>
<mx:Button x="22" y="5" label="This is Prapansolution" width="280"/>
</mx:Application>
The .jsp
<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:fiji="http://exadel.com/fiji"
xmlns:a4j="http://richfaces.org/a4j"
xmlns:rich="http://richfaces.org/rich"
xmlns:ui="http://java.sun.com/jsf/facelets"
version="2.0">
<f:view><h:form id="myForm">
<fiji:swf src="/faces/FirstFlexApp.swf" id="demonew" bgcolor="#FFFFFF" width="820" height="480">
<f:param name="text1" value="Hello" />
</fiji:swf> </h:form></f:view>"vikbar" <[email protected]> wrote in
message
news:gb0tug$7je$[email protected]..
> Hi Amy,
>
> Isnt the HistoryManager approach more specific to Flex
application i.e if
> user
> is just navigating with in the flex application? In my
case the user will
> navigate between a JSF page which does not have any SWF
file and the
> another
> one which has swf file embedded. Now everytime when the
suer moves to the
> flex
> embedded JSF page from the Non Flex JSF page these are
the steps which are
> always going to happen :
>
> 1.) System Manager will get initialized and will create
PreLoader
> instance.
> 2.) The preLoader will then try to download the swf
file. Now since this
> is
> the second time the user is coming back to the flex page
so the broswer
> would
> have already cached this swf, so Preloader will skip the
downloading
> swf/RSl
> step and hence you wont see any initialization progress
bar.
>
> 3.) New Application object will get instantiated and
will go through its
> whole
> lifecycle.
>
> So, I guess historyManager approach will work only if
the user stays on
> the
> flex application only and navigates with in flex
application itself(so in
> that
> case if the user clicks back then it knows which flex
component or view to
> display), but in my case user will completely move away
from flex page to
> a
> JSF page and then will try to come back.
>
You'd need to put the right stuff in the url to make it work,
just like if
you were calling a page that's expecting GET params. I don't
really use the
HistoryManager, so you'll need to either look into this
yourself or ask
someone who knows more about it.
HTH;
Amy
Maybe you are looking for
-
Issue in retrival of Old Appraisal system template
Dear Expert, landscape :ecc 6 , business package 1.41 Currently i am facing a problem in ESS/MSS regarding extracting old appraisal template.the scenario is currently old and new (objective setting and appraisal ) both are available at server . i act
-
Dear All, I have a TMG for one of the Custom DBT. In the maintenance screen, I want to delete the DELETE Button. Is this posible ? If yes, any help is appreciated ! Regards, Deepu.k
-
I am updating my website and have the home page complete...I think. The other pages have not been updated yet because I am trying to figure out the best way to create an easy to update pop-up menu similar to what is currently on all the pages except
-
I recently restored my laptop with Windows 7 and imported my iTunes library from my external hard drive. When I try to play songs, it says it cannot and that the original file could not be located. How do I fix this?
-
How to turn off pop-up blocker
How to turn off pop-up blocker?