3 Replies Latest reply on Jan 10, 2014 8:04 AM by pcraveiro

jsf & picketlink: redirect to login page if not logged in

fer.marino Nov 4, 2013 5:01 AM

Ok, this is a simple and commond question, but I'm so inexpert I can't find an answer myself!

So I'm here asking you how can I redirect everyone that try accessing any non login page if #{identity.loggedIn} is false. I've tried with JSF navigation model, without success. I think that its navigation rules does not work for direct access view.

How do I do that? Servlet filters? In the maven archetype I used to build my application there is no web.xml file...

JSF navigation model?

picketlink federation module?

Thank you for your patient!

Fernando

1. Re: jsf & picketlink: redirect to login page if not logged in

pcraveiro Nov 6, 2013 3:40 PM (in response to fer.marino)

Hi Fernando,

I think you can try Apache Deltaspike JSF support [1] , which can be easy integrated with PicketLink [2].

[1] http://deltaspike.apache.org/jsf.html
[2] https://github.com/jboss-developer/jboss-picketlink-quickstarts/tree/v2.5.2.Final/picketlink-deltaspike-authorization

Regards.
Actions
2. Re: jsf & picketlink: redirect to login page if not logged in

jmanko Jan 8, 2014 9:42 PM (in response to fer.marino)

Does something like the following work?

What about this (I haven't tried it, so let me know if it works):

@WebFilter(filterName = "loginFilter", initParams = {
@WebInitParam(name = "loginPage", value = "/login.xhtml")}, dispatcherTypes = {DispatcherType.REQUEST, DispatcherType.FORWARD}, servletNames = {"Faces Servlet"})
public class LoginFilter implements javax.servlet.Filter {

    @Inject Identity identity;
    private FilterConfig filterConfig = null;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

      @Override
      public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
         HttpServletRequest req = (HttpServletRequest) request;
         HttpSession session = req.getSession();
         Boolean clientHasTermsOfUseText = Boolean.FALSE;

        if (!identity.isLoggedIn() && filterConfig != null) {
            String toPage = filterConfig.getInitParameter("loginPage");
            if (toPage != null && !"".equals(toPage)) {
                filterConfig.getServletContext().getRequestDispatcher(toPage).forward(request, response);
                return;
            }
        }

        if (chain != null) {
            chain.doFilter(request, response);
        }
    }

    @Override
    public void destroy() {
        filterConfig = null;
    }
}
Actions
3. Re: jsf & picketlink: redirect to login page if not logged in

pcraveiro Jan 10, 2014 8:04 AM (in response to jmanko)

Hi John,

    From a PicketLink perspective you can always inject the Identity bean in a web filter. Just like you're doing.

    In order to get some example applications using PicketLink I would recommend you to take a look at our quickstarts:

       Chapter 12. PicketLink Quickstarts

    One of them is using a filter to perform some authorization checks very similar as you're doing.

      https://github.com/jboss-developer/jboss-picketlink-quickstarts/blob/v2.5.2.Final/picketlink-authentication-idm-multi-tenancy/src/main/java/org/jboss/as/quickstarts/picketlink/idm/multitenancy/jsf/RealmProtectionFilter.java
Actions

Go to original post