I have a fairly standard login page, something like:
.... <h:inputText id="username" value="#{identity.username}" required="true"> <a4j:support event="onblur" reRender="usernameErr" action="#{authenticator.checkUserName}" /> </h:inputText> <rich:message id="usernameErr" for="username"> <f:facet name="errorMarker"> <h:graphicImage value="/img/error.gif" /> </f:facet> </rich:message> <h:outputLabel for="password" escape="false" value="#{messages['user.password']}:" /> <h:inputSecret id="password" value="#{identity.password}" required="true"> <a4j:support event="onblur" reRender="passwordErr" action="#{authenticator.checkPassword}" /> </h:inputSecret> <rich:message id="passwordErr" for="password"> <f:facet name="errorMarker"> <h:graphicImage value="/img/error.gif" /> </f:facet> </rich:message> <h:commandButton value="Login" action="#{identity.login}" /> ....
I have to do validation for username/password (length, allowed chars, etc.). That works alright, but I must return false in my authenticate-method even if validation fails. That raises a 'org.jboss.seam.security.loginFailed' event, whitch in turn gets logged. I'd like to avoid that.
Is there a preferred way to fail validation in the login page (like returning null in a regular page)? Or do I have to extend/override Identity to not raise the event if there are validation errors?
Simpler than I thought: I just added a LoginAction that only calls Identity.login if validation is successful.