4 Replies Latest reply on Mar 12, 2009 10:39 AM by Jay Balunas

    JAAS with Ajax4JSF

    Varun Rao Newbie

      I am using JAAS authentication for the application.
      I have a Ajax4JSF enabled page which needs authentication to be viewed.
      My URL looks like this:
      http://localhost:8080/Test/pages/TestMain.jsf

      This is a tiles page where the body has Ajax4JSF tags and looks like this:
      .....
      <a4j:outputPanel ajaxRendered="true" id="ajaxOutputPanal">
      <h:inputTextarea rows="5" cols="30" id="status"
      value="#{backing_pages_SubViews_SubviewDatabaseStatsBackingBean.status}">
      </h:inputTextarea>
      </a4j:outputPanel>
      <a4j:commandLink ajaxSingle="true" reRender="ajaxOutputPanal" value="Reload"/>
      .....

      When i hit this URL directly it rediects me back to the "Login" page using JAAS authentication.

      However, after the authentication is successful it does not take me to the Actual page, but throws me this this URL, which shows a lot of Javascript.

      http://localhost:8080/Test/a4j.res/org.ajax4jsf.framework.ajax.AjaxScript.jsf

      Seems like j_security does not understand the page it has to go to. This works fine for pages with no Ajax4JSF tags.

      Please help...!!

        • 1. Re: JAAS with Ajax4JSF
          Igor Shabalov Apprentice

          Can you give us a bit more details about your use case? What page you looking first, how you get to the authentication page and what happened after authentication.

          • 2. Re: JAAS with Ajax4JSF
            Alexander Smirnov Master

            Form-based JAAS authentication redirect user to last accessed page.
            Don't protect by sequrity constraints /a4j.res/* url's. You don't have any reasons to protect open-sourse resources.

            • 3. Re: JAAS with Ajax4JSF
              Alvaro Rivello Newbie


              Hi guys,

              Did anybody found the solution of the problem above ?.
              I've got the same kind of error; I'm using jboss 5.0.1.GA, faceletes 1.1.15.B1, faces 1.2, richfaces 3.3.0.GA and JAAS.
              When I ask for the welcome page (welcome.jsf), the loging page is redered for authentication and after authentication succeeded
              I get this link http://localhost:8080/myapp/a4j/g/3_3_0.GAorg/richfaces/renderkit/html/scripts/skinning.js.jsf instead of the original welcome page.
              The default welcome file index.html has a call to another welcome.jspx file (Welcome.jspx does not have any "<a4j:" tag)

              Everything works fine, if I remove the JAAS security section from the web.xml.

              security seccion in web.xml:

              <security-role>
              <role-name>Admin</role-name>
              </security-role>
              <security-constraint>
              <web-resource-collection>
              <web-resource-name>all</web-resource-name>
              <url-pattern>*.jspx</url-pattern>
              <url-pattern>*.jsf</url-pattern>
              </web-resource-collection>
              <auth-constraint>
              <role-name>Admin</role-name>
              </auth-constraint>
              </security-constraint>
              <login-config>
              <auth-method>FORM</auth-method>
              <realm-name>admin-realm</realm-name>
              <form-login-config>
              <form-login-page>/pages/security/login.jsf</form-login-page>
              <form-error-page>
              /pages/security/loginError.jsf
              </form-error-page>

              </form-login-config>
              </login-config>

              I would like to have this jsf application working with JAAS.

              Does anybody have any idea or clue ?

              thanks in advanced

              • 4. Re: JAAS with Ajax4JSF
                Jay Balunas Master

                This forum is deprecated, could you please post your question in the RichFaces User forum?

                Thanks,
                Jay