I created JSF login page which is used for client authentication. I created filter which destroys user session when the user opens page logout.html. I want to create simple http link which will be used when it's clicked to redirect user to logout.html page. What JSF tag can you recommend for page redirection?
Just use <h:outputLink>.
<h:outputLink value="logout.html">Logout</h:outputLink>
Do you know that you can even use plain HTML in JSF?
Logout
Related
In my scenario there is a HTML web form that user fills it and after pressing submit button it redirects to another custom page, I want to instead of redirecting to another page redirect to my Flutter app and read some page parameters. Is it possible?
Using JSf2.2 with primefaces 3.4, could not redirect to home page which is my default url of application.
if I am at the one of the view(page) in my application using JSF mvc .when i stop the server and restart it and enter the existing url (or the url where my app at the moment) then my app redirect to login page ,which is done by spring security .now when i logged in again getting redirected to the view from where i came to the login page.I have checked the javax.faces.STATE_SAVING_METHOD in my web.xml it is mentioned client .what is the problem it should be redirect to defaultUrl page i.e home.xhtml . Do jsf store the previous view if we do not get properly logged out ?or some other issue kindly tell me
This is not related to JSF / Primefaces as already indicated. Its due to spring security configuration.
You can control this behavior by setting either true / false for 'always-use-default-target' attribute of tag.
Example 1:
In this example after successfull login it would always invoke /success action, irrespective of which page you initiated the action
<form-login default-target-url="/success" always-use-default-target="true" />
Example 2:
In this example after successfull login it would show the page where you initiated the action.
<form-login default-target-url="/success" always-use-default-target="false" />
I have a Joomla (nginx + mysql) site running as UI and some JSP (tomcat + mysql) handling calculation logic.
I want to integrate JSP pages in to Joomla as iframe. I succeeded doing that, but the question is:
How do I make JSP pages NOT visitable to public but only visitable via Joomla site?
For example,
Joomla site is under mydomain.com/Joomla
JSP pages are under mydomain.com/JSP
When a user visit mydomain.com/JSP in the browser, the user cannot see the JSP page(see error or empty page instead).
But when the user open mydomain.com/Joomla in the browser and go to the page that contains the JSP site within an iframe, the user can see the JSP page there.
I am thinking about changing folder/file owner and permission. Am I on the right track? How should I approach exactly?
Thanks,
Milo
You need to change the way you're currently workin on.
1) Use composent JUMI to create virtual Joomla component based on your scripts.
2) On each page add this code at the very beginning of each of your scripts:
<?php
defined( '_JEXEC' ) or die ('Restricted Access');
?>
It'll prevent users for loading directly your scripts without any active Joomla session.
I'm creating login form using JSF 2.0. Below is the detailed description.
When I run the form, I get the login.xhtml
Once I get successfully logged in, I get page as temp1.xhtml and when I click the link (that I have created on temp1.xhtml page) I get temp2.xhtml page.
All is working perfectly... but the problem of URL which is described below...
When I successfully logged in, the browser still shows URL as login.xhtml instead if temp1.xhtml
when I click on the link that is on temp1.xhtml, I get temp2.xhtml page but the URL says temp1.xhtml instead of temp2.xhtml
Could any one help me to show the correct URL as I have to filter these pages and as URL is INCORRECT my filter is useless...
Please note that I am not using configuration file for directing the pages...
You have to add:
?faces-redirect=true in the end of the view that you are directing.
e.g:
return "mypage?faces-redirect=true"
you can also directly use it in the .xhtml files for example on page temp1.xhtml page in link use action="temp2?faces-redirect=true"
I'm making a web application in which certain pages are login-protected. I have created a JDBC security realm in glassfish for this, and used Form authentication (Similar to the method described here)
I'm using Navigation rules to redirect the user to the secured areas of the website:
<navigation-case>
<from-outcome>showResults</from-outcome>
<to-view-id>/SecureUser/Reservation/New/AvailableResults.xhtml</to-view-id>
<redirect/>
</navigation-case>
(etc...)
This works fine. But if I skip the redirect tag in the navigation-case, then the URL of the page doesn't change. And in that case, an unauthenticated user is able to access the secured page.
What is the best way to go about this? Making sure that the page is redirected instead of forwarded is good enough? Should I write code in every secured page that checks whether the user is logged in or not?
Using POST for page-to-page navigation is considered bad practice. Don't use JSF h:commandLink or h:commandButton for simple page-to-page navigation. Both generates a POST form which is totally unnecessary and SEO-unfriendly for simple navigation. Rather use h:link or h:button instead. It renders a plain vanilla GET link and GET form respectively.
If you are submitting a POST form anyway and the result page is different from the form page, then using PRG (Post-Redirect-Get) pattern is considered good practice. You can use <redirect/> for this.