authentication « Security « JSF Q&A

1. JSF authentication and authorization

What is the best way to go about implementing authentication and authorization for a JSF web application? Preferrably I'd still want to use container-based security, as I need to call EJBs ...

2. Best way for user authentication on JavaEE 6 using JSF 2.0?

I'm wondering what the current state of art recommendation is regarding user authentication for a web application making use of JSF 2.0 (and if any components do exist) and JEE6 core ...

3. How to handle dynamic role or username changes in JSF?

I have a JSF application running on glassfish 2.1 with a EJB 3 backend. For authentication I use a custom realm. The user authenticates using the e-mail-address and password he specified ...

4. Authentication / Authorization in JSF web application?

I found there are 2 types of authentication mechanism in JSF.

  1. JASS
  2. Container managed
(please correct if I am wrong) I tried searching for a better tutorial that guide to learn any of those method. ...

5. JSF Authentication

I'm developing a JEE application (JSF2 + richfaces+ Facelets + Tomcat). What's the best way to perform authentication when using JSF? Or should I make my own ?

6. CAS authentication and limiting access for specified users

I'm using CAS (Central Authentication Service) from Jasig in a client JSF app running on tomcat 6 server. I would like to limit the access to the app just for the ...

7. user authentication jsf

I want to create user authentication (login) and security page in jsf, that manages user access in my program.
I need a sample or tutorial about that - can you suggest or ...

8. Java EE 5 programmatic authentication

How I can authenticate a user from JSF action (or in servlet doGet/doPost methods)? I mean something like:

Authenticator auth = ...;
if (!auth.authenticate("user","password"))
    FacesContext.getInstance().addMessage("Incorrect username or password", null);
  • This ...

9. Java Web/JSF/Persistence: Simple authentication with user roles

I'm working on the following seemingly basic task: ''Create a dvd store. The system has two types of users: admins and basic users. Admins can perform CRUD on DVD items, basic users ...

10. Using Mainframe CICS login for JSF Web application

Any advise on how to go about implementing a login for a JSF Icefaces based web application, running on GlassFish v3 with Hibernate JPA talking to DB2, with the credentials of ...

11. Simple login and logout capabilities for my web app(JSF 2.0)

This morning i rode chapters 39,40 and 41 of the JEE6 tutorial. But i am very, very confused. I don't have a background on web-app security with JEE6, and i am ...

12. @ManagedProperty object for authentication data is null

I have the following managed bean which stores the login data after container authentication:

@ManagedBean(name = "authenticatedUserController")
public class AuthenticatedUserController implements Serializable {

private jpa.UtentiportaleFacade ejbFacade;

  public Utentiportale getAuthenticatedUser() {

13. Java Web Application Authentication

I try to design web application which consists 2 modules:

  1. Web Application Client in JSF (host1)
  2. EJB (Server part, host2)
  3. Database host (host 3)
EJB authentication and authorization would work with jdbc realm so ...

14. Jmeter JSF + WinNT Authentication - Strange

15. User authentication

Not sure what you mean exactly. I usually prefer to use JAAS in connection with either an LDAP source or a set of database tables containing user roles/passwords etc. Using JAAS is a good way (IMO) of controlling security for enterprise apps if your container supports it. What container are you using?

16. simple logic to authenticate users

17. Help! Using Container-managed authentication with JSF

I'm just getting started with JSF, and want to use it in an existing login form (mostly for localization), under Tomcat 5. Everything works fine, until I try to use JSF. My web.xml looks like: ... javax.faces.STATE_SAVING_METHOD server javax.faces.CONFIG_FILES /WEB-INF/config/faces/faces-config.xml com.sun.faces.config.ConfigureListener ...

18. Windows Authentication in JSF project

There's 2 ways to use Windows security in JEE. The easy way is to connect the appserver to Active Directory using LDAP. In pure Tomcat, there's an LDAP security realm that does this that you set up in the Tomcat application Context. For JBoss, I think that it goes in the jboss configuration file for that webapp. This is all portable ...

19. Standard Authentication in JSF

20. Java for log in authentication? (looking for tutorial that applies to situation)

Im trying to build my first site that will use log in info and saved user info. So if I have a form tag on my jsp page containing username and password and a submit button, Im guessing I need to add an action attribute to form. Something like this:

I am just unsure what the java ...

21. Authentication using EJB in JSF

22. Jespa Window AUthentication

25. Authentication nad authorization in JSF

HI, i am trying to do authentication in JSF app, but i stuck. I found, one way is to do it by the JAAS and some realm. I choose jdbcRealm and everything was fine, until I need to display some message to the user(eg you have enterred wrong password(but i do not want to redirect him elsewhere). Another probem is how ...

26. JDBC Realm Authentication failed

Hello, I'm trying to authenticate users via a JDBC Realm but it's not working despite numerous attempts to fix it. Maybe someone here can help me? I get the log-in form on the right pages, I type in the right password, and it just refuses to authenticate. Glassfish error report WARNING: WEB9102: Web Login Failed: Login failed: Security Exception WARNING: ...

27. HttpSession and/or Container-managed authentication/authorization

I am building a web application using JSF, EJB, Eclipse, and Tomcat. I am concerned with saving key user session information, such as name and user_id. When i use container-managed authentication, the users are required to enter their credentials in order to view the desired webpage. However, i want to save their information so that i could access other user related ...