Map a filter to your JSF servlet (faces/*). In that filter check that
user principal is not null. If it's not null, do your initialization
stuff if not yet done. When it's done, store that state information in
session. Here that's how we check and upgrade user profile informations
upon login.
If you need to do something *before user type in credential infos*, but
only when *login is required*, you will have to do it from inside the
JSP that does render the login form
alee amin a écrit :
yeah i can get info from getPrincipal() but where should i put that code to
retrieve the info? where should i save the state in session? at login page?
no - then after login the secured page is going to open - i need to save
something or process something before it.
-alee
On 9/19/07, Tim Funk <[EMAIL PROTECTED]> wrote:
Filters are not invoked on j_security_check
If you need to do something "special" on login - you will need to store
some state in the session. (Like session variable called
didInitializeSession)
Then the filter can check for the existence of a
request.getUserPrincipal() &&
session.getAttribute("didInitializeSession") to see if you need to do
any special setup work.
-Tim
alee amin wrote:
Hi,
I have implemented form based security on web app using JDBCRealm in
server.xml file. It has been implemented. Now i want to use some pre-req
before accessing any page in secure area say (faces/secure/main.xhtml).
My index page redirect to faces/secure/main.xhtml where it ask for login
and
then the page is shown. I want to interpret the request after the login
and
before main.xhtml. I have read different topics and it is not possible
to
implement Filter on j_security_check (not sure for tomcat 5.5+). Is
there
any way to implement on it or there is any alternate that i can
interpret
the request?
(security constraint on /faces/secure/*)
I have used an alternate
index -> faces/secure/redirect.jsp -> login (by tomcat) and then
faces/secure/redirect.jsp -> faces/secure/main.xhtml (redirecting to
this
page from redirect page). I implemented the FILTER on redirect.jsp. It
is
invoking but i am not liking the method.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
