Comments on: Acegi/Spring Security Integration – JSF Login Page http://ocpsoft.com/java/acegi-spring-security-jsf-login-page/ "Simple Software" Sat, 13 Mar 2010 17:57:39 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Technical Blog » JSF and Spring Security Integration with JSF login pagehttp://ocpsoft.com/java/acegi-spring-security-jsf-login-page/comment-page-2/#comment-1236 Technical Blog » JSF and Spring Security Integration with JSF login page Fri, 26 Feb 2010 17:59:31 +0000 http://ocpsoft.com/?p=16#comment-1236 [...] HttpRequestDispatcher to cause forword to /j_spring_security_check.jsp, there is one toturial on http://ocpsoft.com/java/acegi-spring-security-jsf-login-page/ which shows how to implement [...] [...] HttpRequestDispatcher to cause forword to /j_spring_security_check.jsp, there is one toturial on http://ocpsoft.com/java/acegi-spring-security-jsf-login-page/ which shows how to implement [...]

]]> By: Lincolnhttp://ocpsoft.com/java/acegi-spring-security-jsf-login-page/comment-page-2/#comment-489 Lincoln Fri, 08 May 2009 13:01:11 +0000 http://ocpsoft.com/?p=16#comment-489 Update your default-target-url, etc, in the spring config.xml file:<form-login login-processing-url="/j_spring_security_check" login-page="/faces/login.jsf" default-target-url="/faces/home.jsf" authentication-failure-url="/faces/login.jsf" always-use-default-target="false" /> <logout invalidate-session="false" logout-success-url="/faces/login.jsf" /> Update your default-target-url, etc, in the spring config.xml file:

default-target-url="/faces/home.jsf" authentication-failure-url="/faces/login.jsf" always-use-default-target="false" />

]]> By: Petehttp://ocpsoft.com/java/acegi-spring-security-jsf-login-page/comment-page-2/#comment-488 Pete Fri, 08 May 2009 11:58:25 +0000 http://ocpsoft.com/?p=16#comment-488 Hi Lincoln,I have incorporated Ocpsoft's "prettyfaces" into my application and am very enjoying "pretty" names in the address bar. However, I'm finding issues with Spring Security via LoginBean, as above. After j_spring_security_check, the forward is to the unprettyfaced resource which appears distastefully in the address bar ;-(Do you have any ideas how to forward to the "pretty" name?Also, I use a prettylink to a Spring secured resource and include a request parameter, this is not forwarded on after the j_spring_security_check.I do very much like prettyfaces though and love the flexibility it gives. Would be great to have a solution to fully include Spring Security.Cheers, PetePS code uploaded to same url as before ;-) Hi Lincoln,

I have incorporated Ocpsoft’s “prettyfaces” into my application and am very enjoying “pretty” names in the address bar. However, I’m finding issues with Spring Security via LoginBean, as above. After j_spring_security_check, the forward is to the unprettyfaced resource which appears distastefully in the address bar ;-(

Do you have any ideas how to forward to the “pretty” name?

Also, I use a prettylink to a Spring secured resource and include a request parameter, this is not forwarded on after the j_spring_security_check.

I do very much like prettyfaces though and love the flexibility it gives. Would be great to have a solution to fully include Spring Security.

Cheers,
Pete

PS code uploaded to same url as before ;-)

]]> By: johnhttp://ocpsoft.com/java/acegi-spring-security-jsf-login-page/comment-page-2/#comment-384 john Tue, 05 May 2009 05:16:02 +0000 http://ocpsoft.com/?p=16#comment-384 Derek, what IDE do you use? I want to learn spring framework with the spring security. I don't know what environment to use. Can you help me with that please? Derek, what IDE do you use? I want to learn spring framework with the spring security. I don’t know what environment to use. Can you help me with that please?

]]> By: Derekhttp://ocpsoft.com/java/acegi-spring-security-jsf-login-page/comment-page-2/#comment-382 Derek Tue, 05 May 2009 04:05:28 +0000 http://ocpsoft.com/?p=16#comment-382 John we don't used Netbeans, but I would imagine that you could check under WEB-INB/Lib(raries) and see if you see a jar called spring-security. If you do then you have it. If not go here: http://sourceforge.net/project/showfiles.php?group_id=73357&package_id=270072&release_id=630203The zip file is just an example Eclipse project using Acegi / Spring Security. You can copy the contents of the zip file into a sample project and try and run it. John we don’t used Netbeans, but I would imagine that you could check under WEB-INB/Lib(raries) and see if you see a jar called spring-security. If you do then you have it. If not go here: http://sourceforge.net/project/showfiles.php?group_id=73357&package_id=270072&release_id=630203

The zip file is just an example Eclipse project using Acegi / Spring Security. You can copy the contents of the zip file into a sample project and try and run it.

]]> By: johnhttp://ocpsoft.com/java/acegi-spring-security-jsf-login-page/comment-page-2/#comment-373 john Mon, 04 May 2009 23:00:53 +0000 http://ocpsoft.com/?p=16#comment-373 I was wondering if you could tell me how to add Sp. Sec. to my NetBnzz apps. I've downloaded the zip, but is there a way to add it as a plug in or something. I would really appreciate it. If I can't use it in NetBnzz what IDE should I use. Thanks I was wondering if you could tell me how to add Sp. Sec. to my NetBnzz apps. I’ve downloaded the zip, but is there a way to add it as a plug in or something. I would really appreciate it. If I can’t use it in NetBnzz what IDE should I use. Thanks

]]> By: johnhttp://ocpsoft.com/java/acegi-spring-security-jsf-login-page/comment-page-2/#comment-351 john Mon, 04 May 2009 06:26:11 +0000 http://ocpsoft.com/?p=16#comment-351 Hey guys,I'm trying to use spring security in my applications, but I don't know how to add the libraries.I'm using NetBeans 6.5, and I have the Spring MVC 2.5 plug in. Does this plug in come with Spring Security?Could you please help me so that I can use Spring MVC and Security in Netbeans 6.5. Thank you. Hey guys,

I’m trying to use spring security in my applications, but I don’t know how to add the libraries.

I’m using NetBeans 6.5, and I have the Spring MVC 2.5 plug in. Does this plug in come with Spring Security?

Could you please help me so that I can use Spring MVC and Security in Netbeans 6.5.
Thank you.

]]> By: Revisited - Acegi/Spring Security & JSF Login Page | OcpSofthttp://ocpsoft.com/java/acegi-spring-security-jsf-login-page/comment-page-1/#comment-271 Revisited - Acegi/Spring Security & JSF Login Page | OcpSoft Mon, 27 Apr 2009 22:00:13 +0000 http://ocpsoft.com/?p=16#comment-271 [...] correction has been made to the post: http://ocpsoft.com/java/acegi-spring-security-jsf-login-page/, fixing an issue where FacesMessages were not being displayed on failed [...] [...] correction has been made to the post: http://ocpsoft.com/java/acegi-spring-security-jsf-login-page/, fixing an issue where FacesMessages were not being displayed on failed [...]

]]> By: Lincolnhttp://ocpsoft.com/java/acegi-spring-security-jsf-login-page/comment-page-1/#comment-270 Lincoln Mon, 27 Apr 2009 21:43:40 +0000 http://ocpsoft.com/?p=16#comment-270 Ok... you are very correct. My fault.@PostConstruct occurrs too early in the Faces/Spring lifecycle, and at the point when the bean is constructed, the BadCredentialsException has not yet been created.Move the handleErrorMessage() method to a PhaseListener, like so:package uk.co.pkit.project.view.bean.login;import javax.faces.context.FacesContext; import javax.faces.event.PhaseEvent; import javax.faces.event.PhaseId; import javax.faces.event.PhaseListener;import org.springframework.security.BadCredentialsException; import org.springframework.security.ui.AbstractProcessingFilter;import uk.co.pkit.project.view.util.FacesUtils;public class LoginErrorPhaseListener implements PhaseListener { private static final long serialVersionUID = -1216620620302322995L;@Override public void beforePhase(final PhaseEvent arg0) { Exception e = (Exception) FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get( AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY);if (e instanceof BadCredentialsException) { FacesContext.getCurrentInstance().getExternalContext().getSessionMap().put( AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, null); FacesUtils.addErrorMessage("Username or password not valid."); } }@Override public void afterPhase(final PhaseEvent arg0) {}@Override public PhaseId getPhaseId() { return PhaseId.RENDER_RESPONSE; }} Ok… you are very correct. My fault.

@PostConstruct occurrs too early in the Faces/Spring lifecycle, and at the point when the bean is constructed, the BadCredentialsException has not yet been created.

Move the handleErrorMessage() method to a PhaseListener, like so:

package uk.co.pkit.project.view.bean.login;

import javax.faces.context.FacesContext;
import javax.faces.event.PhaseEvent;
import javax.faces.event.PhaseId;
import javax.faces.event.PhaseListener;

import org.springframework.security.BadCredentialsException;
import org.springframework.security.ui.AbstractProcessingFilter;

import uk.co.pkit.project.view.util.FacesUtils;

public class LoginErrorPhaseListener implements PhaseListener
{
private static final long serialVersionUID = -1216620620302322995L;

@Override
public void beforePhase(final PhaseEvent arg0)
{
Exception e = (Exception) FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get(
AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY);

if (e instanceof BadCredentialsException)
{
FacesContext.getCurrentInstance().getExternalContext().getSessionMap().put(
AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, null);
FacesUtils.addErrorMessage(“Username or password not valid.”);
}
}

@Override
public void afterPhase(final PhaseEvent arg0)
{}

@Override
public PhaseId getPhaseId()
{
return PhaseId.RENDER_RESPONSE;
}

}

]]> By: Lincolnhttp://ocpsoft.com/java/acegi-spring-security-jsf-login-page/comment-page-1/#comment-266 Lincoln Tue, 21 Apr 2009 21:49:32 +0000 http://ocpsoft.com/?p=16#comment-266 I wish I could help you two. I can't reproduce this problem. Everything is working fine for us. Perhaps you could send a WAR file / sources to reproduce the issue? I'd be glad to take a look. I wish I could help you two. I can’t reproduce this problem. Everything is working fine for us. Perhaps you could send a WAR file / sources to reproduce the issue? I’d be glad to take a look.

]]>