It's been awhile since I've worked with JSF, but I believe you have
two options.
1. Change the parameters authc.usernameParam and authc.passwordParam in
your shiro.ini file to match the field names that jsf uses. This might
work, I'm not sure of the intricacies in jsf.
2. Don't use a filter for login. This is probably what I would do. If
I remember correctly, you can tie your form submission in login.jsf to
a method on your backing bean. This backing bean would need to do
something like this:
try {
AuthenticationToken token = new UsernamePasswordToken(username,
password, rememberMe, request.getRemoteHost());
SecurityUtils.getSubject().login(token);
} catch (AuthenticationException ae) {
// handle error
}
It would also need to do any redirect work.
Whatever you do get working, please share it. I think we need a "Shiro
with JSF" section in the wiki, and perhaps some supporting code in the
shiro-faces module.
Thanks,
Jared
On Sun 25 Nov 2012 12:07:21 AM CST, set321go wrote:
> Hello,
>
> I am relativley new to the jsp/jsf side of java. I am trying to build a web
> application which runs on jboss 7 using jsf2.0 and shiro1.2. I have found
> the extra tag libs i need to give parts of my page different permissions but
> I am having some login Issues.
>
> My problem is that jsf uses its own values for id and name attributes on
> html elements, when my submit response comes back shiro has null values for
> my username and pasword because the name and password dont match what I have
> set in the shiro.ini file. How can I fix this?
>
> shiro.ini
>
> ...
> securityManager.realms = $userRealm
> authc.loginUrl = /faces/login.xhtml
>
> # name of request parameter with username; if not present filter assumes
> 'username'
> authc.usernameParam = username
> # name of request parameter with password; if not present filter assumes
> 'password'
> authc.passwordParam = password
> # does the user wish to be remembered?; if not present filter assumes
> 'rememberMe'
> authc.rememberMeParam = remembered
> ...
>
> login.xhtml
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> <!DOCTYPE html
> PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
>
> <html xmlns="http://www.w3.org/1999/xhtml";
> xmlns:h="http://java.sun.com/jsf/html";>
>
> <h:head>
> <title>Simple JSF login page</title>
> </h:head>
>
> <h:body>
> <h:panelGroup rendered="#{!loginBean.errors}">
> <h:form>
> <p>#{loginBean.error}</p>
> </h:form>
> </h:panelGroup>
>
> <h:panelGroup rendered="#{!loginBean.loggedIn}">
>
> Login
>
> <h:form>
> <p>Username: <h:inputText id="username"
> value="#{loginBean.username}" /></p>
> <p>Password: <h:inputText id="password"
> value="#{loginBean.password}" /></p>
> <p>RememberMe: <h:selectBooleanCheckbox id="remembered"
> value="#{loginBean.rememberMe}" /></p>
> <p><h:commandButton value="submit" action="#{loginBean.login}"
> /></p>
> </h:form>
> </h:panelGroup>
> </h:body>
>
> </html>
>
> output from doGetAuthenticationInfo
>
> 21:48:13,491 INFO [stdout] (http--127.0.0.1-8080-1) Authentication - input
> username: null
> 21:48:13,491 INFO [stdout] (http--127.0.0.1-8080-1) Authentication - input
> password: null
> 21:48:13,492 INFO [stdout] (http--127.0.0.1-8080-1) Authentication - input
> host: 127.0.0.1
> 21:48:13,492 INFO [stdout] (http--127.0.0.1-8080-1) Authentication - input
> toString: org.apache.shiro.authc.UsernamePasswordToken - null,
> rememberMe=false (127.0.0.1)
>
>
>
>
>
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/shiro-jsf2-0-login-page-tp7577981.html
> Sent from the Shiro User mailing list archive at Nabble.com.
