Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Do an action at the page loading

Posted on 2009-07-01
14
Medium Priority
?
290 Views
Last Modified: 2013-11-24
Hi!

I want to do a check on user when I load a page, how can we do this when the page is loading?

(i use JSF pages)
Thanks you!
0
Comment
Question by:Nargzul
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
14 Comments
 
LVL 3

Accepted Solution

by:
serrutom earned 2000 total points
ID: 24757860
You want to check if the user is logged in?

Create a pages.xml file:

<pages login-view-id="/login/login.xhtml">
      <page view-id="/site/*" login-required="true" timeout="900000"/>
      <page view-id="/login/*">
            <navigation>
                  <rule if="#{identity.loggedIn}">
                        <redirect view-id="/site/home/home.xhtml"/>
                  </rule>
            </navigation>
      </page>
      <exception class="org.jboss.seam.security.NotLoggedInException">
            <redirect view-id="/login/login.xhtml">
                  <message>You must be logged in to perform this action</message>
            </redirect>
      </exception>
</pages>

Create a components.xml file:

<components xmlns="http://jboss.com/products/seam/components"
            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
            xmlns:bpm="http://jboss.com/products/seam/bpm"
            xmlns:web="http://jboss.com/products/seam/web"
            xmlns:security="http://jboss.com/products/seam/security">
      <security:identity authenticate-method="#{Authenticator.authenticate}"/>
</components>

Create the Authenticator bean:

@Name("Authenticator")
public class Authenticator {
   public boolean authenticate() {
      ...
   }
}
0
 
LVL 1

Author Comment

by:Nargzul
ID: 24757944
It seems to be what I need.

Just some questions:

-I don't understand why we need the components.xml
-The <rule if=... must be linked to the Authenticator bean I think?
-Where the <message>...</message> will be displayed on our page.

Thanks a lot for the help!
0
 
LVL 1

Author Comment

by:Nargzul
ID: 24757964
I don't use seam, is it a problem? Must we register this  page.xml somewhere?

I've found this, but it's more complicated : http://jsf-comp.sourceforge.net/components/on-load/index.html
0
Build and deliver software with DevOps

A digital transformation requires faster time to market, shorter software development lifecycles, and the ability to adapt rapidly to changing customer demands. DevOps provides the solution.

 
LVL 3

Expert Comment

by:serrutom
ID: 24758005
If you don't user seam you can do it by adding following to your web.xml file:

      <security-constraint>
            <web-resource-collection>
                  <web-resource-name>Protected pages</web-resource-name>
                  <url-pattern>/secure/*</url-pattern>
            </web-resource-collection>
            <auth-constraint>
                  <role-name>USER</role-name>
            </auth-constraint>
            <user-data-constraint>
                  <transport-guarantee>NONE</transport-guarantee>
            </user-data-constraint>
      </security-constraint>
      <security-role>
            <role-name>USER</role-name>
      </security-role>

You also need to define the authentication class in your application server. In JBoss it is done by adding this to the login-config.xml file:

    <application-policy name = "other">
        <authentication>
            <login-module code="com.mycompany.LoginModule" flag="required"></login-module>
        </authentication>
    </application-policy>
0
 
LVL 3

Expert Comment

by:serrutom
ID: 24758025
I think it will be better to protect a complete set of files, instead of checking the security on every page.
0
 
LVL 1

Author Comment

by:Nargzul
ID: 24758936
But we can define pattern like: adminPages/* or Admin*,

I don't really want to use roles in J2EE, because I've a lot of custom actions to log, and it seems too complicate to connect the database to the role manager.

I think I will use the solution I've founded
0
 
LVL 3

Assisted Solution

by:serrutom
serrutom earned 2000 total points
ID: 24760922
Yes you can define a pattern like: adminPages/*


      <security-constraint>
            <web-resource-collection>
                  <web-resource-name>Protected pages</web-resource-name>
                  <url-pattern>/adminPages/*</url-pattern>
            </web-resource-collection>
            <auth-constraint>
                  <role-name>USER</role-name>
            </auth-constraint>
            <user-data-constraint>
                  <transport-guarantee>NONE</transport-guarantee>
            </user-data-constraint>
      </security-constraint>
      <security-role>
            <role-name>USER</role-name>
      </security-role>

You can write your own login module, and use only what you want to use. If you don't have roles, add one fixed role (USER in my example) in your login module.
0
 
LVL 1

Author Comment

by:Nargzul
ID: 24762235
have you more informations about how to write this kind of module? I've guest, user and admin level. Guest has only access to the login page.
0
 
LVL 3

Expert Comment

by:serrutom
ID: 24762554
What type of application server are you using? JBoss, Tomcat, Resin, ...
0
 
LVL 1

Author Comment

by:Nargzul
ID: 24762562
glassfish
0
 
LVL 3

Assisted Solution

by:serrutom
serrutom earned 2000 total points
ID: 24762721
A description of the configuration:

http://blogs.sun.com/phendley/entry/creating_and_using_a_glassfish

And check out the matching package with example files:

http://blogs.sun.com/phendley/resource/loginmoduletest.zip
0
 
LVL 1

Author Comment

by:Nargzul
ID: 24763190
I'm sorry, but I'm so short in times and it seems to be really complicated, I've watched exemple, but I don't understand how pieces works together, between myRealm, the logn module, what match "ProgrammaticLogin", and I'm very stressed by the time.

And I don't see how to check if we are logged on the system.

In addition, I've other things I must do at the startup(log some informations), and this system will not work for this.

And I don't want to be dependant of an application server.
0
 
LVL 3

Assisted Solution

by:serrutom
serrutom earned 2000 total points
ID: 24763300
This is a standard way of working, and should work in all java application servers.

Depending on your platform, you can use classes to build your LoginModule on, just to make things easier and not having to implement everything.

Another info link:

http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/JAASLMDevGuide.html
0

Featured Post

Build and deliver software with DevOps

A digital transformation requires faster time to market, shorter software development lifecycles, and the ability to adapt rapidly to changing customer demands. DevOps provides the solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By the end of 1980s, object oriented programming using languages like C++, Simula69 and ObjectPascal gained momentum. It looked like programmers finally found the perfect language. C++ successfully combined the object oriented principles of Simula w…
Introduction Java can be integrated with native programs using an interface called JNI(Java Native Interface). Native programs are programs which can directly run on the processor. JNI is simply a naming and calling convention so that the JVM (Java…
Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…
This tutorial will introduce the viewer to VisualVM for the Java platform application. This video explains an example program and covers the Overview, Monitor, and Heap Dump tabs.
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question