-
1. Re: jsf & picketlink: redirect to login page if not logged in
pcraveiro Nov 6, 2013 3:40 PM (in response to fer.marino)Hi Fernando,
I think you can try Apache Deltaspike JSF support [1] , which can be easy integrated with PicketLink [2].
[1] http://deltaspike.apache.org/jsf.html
Regards.
-
2. Re: jsf & picketlink: redirect to login page if not logged in
jmanko Jan 8, 2014 9:42 PM (in response to fer.marino)Does something like the following work?
What about this (I haven't tried it, so let me know if it works):
@WebFilter(filterName = "loginFilter", initParams = {
@WebInitParam(name = "loginPage", value = "/login.xhtml")}, dispatcherTypes = {DispatcherType.REQUEST, DispatcherType.FORWARD}, servletNames = {"Faces Servlet"})
public class LoginFilter implements javax.servlet.Filter {
@Inject Identity identity;
private FilterConfig filterConfig = null;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpSession session = req.getSession();
Boolean clientHasTermsOfUseText = Boolean.FALSE;
if (!identity.isLoggedIn() && filterConfig != null) {
String toPage = filterConfig.getInitParameter("loginPage");
if (toPage != null && !"".equals(toPage)) {
filterConfig.getServletContext().getRequestDispatcher(toPage).forward(request, response);
return;
}
}
if (chain != null) {
chain.doFilter(request, response);
}
}
@Override
public void destroy() {
filterConfig = null;
}
}
-
3. Re: jsf & picketlink: redirect to login page if not logged in
pcraveiro Jan 10, 2014 8:04 AM (in response to jmanko)Hi John,
From a PicketLink perspective you can always inject the Identity bean in a web filter. Just like you're doing.
In order to get some example applications using PicketLink I would recommend you to take a look at our quickstarts:
Chapter 12. PicketLink Quickstarts
One of them is using a filter to perform some authorization checks very similar as you're doing.