-
1. Re: Two login pages/methods
nickarls Jan 17, 2008 6:19 AM (in response to hubaghdadi)Hmmm, would it be possible to use a normal authenticator method and there redirect to the appropriate login page based on some examination of the incoming request?
-
2. Re: Two login pages/methods
hubaghdadi Jan 17, 2008 6:47 AM (in response to hubaghdadi)Isn't look overkill?
The admin has to provide his credentials twice? -
3. Re: Two login pages/methods
david.spark Jan 17, 2008 6:49 AM (in response to hubaghdadi)I use Roles for this situation. Presumably you have some field in the database which indicates if someone is a user or an admin. If so then you can add an appropriate role in the Authenticate method of the Authenticator and have something like this in your login.page.xml:
<page> <navigation from-action="#{identity.login}"> <rule if="#{identity.loggedIn and identity.hasRole('admin')}"> <redirect view-id="/admin/HomePage.xhtml"/> </rule> <rule if="#{identity.loggedIn}"> <redirect view-id="/user/HomePage.xhtml"/> </rule> </navigation> </page>
-
4. Re: Two login pages/methods
hubaghdadi Jan 17, 2008 9:17 AM (in response to hubaghdadi)What if the public site requires username/password combination and admin site requires Employee ID (which means difference login page)?
Sorry, I'm not trying to annoying, I just like to know to handle those cases. -
5. Re: Two login pages/methods
david.spark Jan 17, 2008 10:05 AM (in response to hubaghdadi)Oh right, I see what you're trying to do now :-)
I think what I would do is take the username / password and in the Authenticate method try and validate it as both a user and an admin and then set the role to whichever one it validates as.
Obviously the one assumption here is that there will never be a user with the same user name as an existing employee ID but you could put measures in place to prevent this. -
6. Re: Two login pages/methods
hubaghdadi Jan 17, 2008 10:24 AM (in response to hubaghdadi)Well, I think you will kill me soon :)
Login page for the public contains: username and password fields.
Login page for the admin contains: EmployeeID only
Two different pages dude :D -
7. Re: Two login pages/methods
pmuir Jan 17, 2008 10:34 AM (in response to hubaghdadi)No, but you could file a feature request for the ability to have different login-view-id's specified on page elements in pages.xml.
You would still need to deal with authenticate as Dave suggests. -
8. Re: Two login pages/methods
shane.bryzak Jan 17, 2008 10:52 AM (in response to hubaghdadi)Extend Identity (the security chapter of the docs describes how to do this) and add an EmployeeID property to it. You'll also need to override the isCredentialsSet() method and probably some other stuff as well. Then your authenticator simply checks to see what is set (either username/password or employeeId) and authenticates accordingly.
-
9. Re: Two login pages/methods
david.spark Jan 17, 2008 11:05 AM (in response to hubaghdadi)"hubaghdadi" wrote:
Well, I think you will kill me soon :)
Login page for the public contains: username and password fields.
Login page for the admin contains: EmployeeID only
Two different pages dude :D
I still think my method would work, both different pages can use the same Authenticator, the only proviso would be that you would need to pass the EmployeeID as the username and in this case the password would be blank. Again you can check for the relevant details in the database to determine which is which.
Incidentally are you saying that your general users require to enter password but that your admin users don't?!
...or just do like Shane says :-) -
10. Re: Two login pages/methods
hubaghdadi Jan 18, 2008 11:42 AM (in response to hubaghdadi)"david.spark" wrote:
Incidentally are you saying that your general users require to enter password but that your admin users don't?!
...or just do like Shane says :-)
What I'm saying that the public users have two fields to fill and the administrators have only one field (which it could be a secret code given by their manager).
Maybe my original question doesn't live in the real world, but I just liked to know how to solve such cases....