基于程序化表格的认证

时间:2013-02-04 13:16:00

标签: jsf-2 form-authentication

我正在尝试执行基于程序化表单的身份验证,似乎就是这样

我的web.xml:

          <web-app>

            <context-param>
                <param-name>javax.faces.PROJECT_STAGE</param-name>
                <param-value>Development</param-value>
            </context-param>

            <servlet>
                <servlet-name>Faces Servlet</servlet-name>
                <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
                <load-on-startup>1</load-on-startup>
            </servlet>

            <servlet-mapping>
                <servlet-name>Faces Servlet</servlet-name>
                <url-pattern>*.jsf</url-pattern>
            </servlet-mapping>

            <servlet-mapping>
                <servlet-name>Faces Servlet</servlet-name>
                <url-pattern>*.xhtml</url-pattern>
           </servlet-mapping>

            <welcome-file-list>
                <welcome-file>confirmauthentication.xhtml</welcome-file>
            </welcome-file-list>

            <session-config>
                 <session-timeout>10</session-timeout>
            </session-config>

            <security-constraint>
                <display-name>Authentication Ex Login</display-name>
                <web-resource-collection>
                    <web-resource-name>SecuredArea</web-resource-name>
                    <url-pattern>/*</url-pattern>
                    <http-method>GET</http-method>
                    <http-method>POST</http-method>
                </web-resource-collection>
                <auth-constraint>
                    <description/>
                    <role-name>*</role-name>
                </auth-constraint>  
            </security-constraint>

            <login-config>
                <auth-method>FORM</auth-method>
                <realm-name>mysqldomain</realm-name>
                <form-login-config>
                <form-login-page>/authentication.xhtml</form-login-page>
                <form-error-page>/error.xhtml</form-error-page>
                </form-login-config>
            </login-config>

            <security-role>
                <description/>
                <role-name>*</role-name>
            </security-role>
                </web-app>

我的jsf页面名为authentication.xhtml:

            <h:form>
                <h:panelGrid border="0" columns="2"> 
                   <h:outputText value="Username"/>
                   <h:inputText value="#{beanJSF.userName}" required="true" />

                   <h:outputText value="Password"/>
                  <h:inputSecret value="#{beanJSF.password}" required="true" />

                   <h:commandButton value="Log in" action="#{beanJSF.submit}">
                         <f:ajax execute="@form" render="@form" />
                   </h:commandButton>
                   <h:messages />    
                </h:panelGrid>
              </h:form>

当我按下“登录”按钮时,似乎没有调用提交方法,我无法弄清楚原因。当我按下按钮时,server.log不显示任何内容(此消息未显示“(”我在登录方法!!!!!!!! ...“)。

我的ManagedBean:

               @URLMappings(mappings={
                @URLMapping(id="success", pattern = "/authentication/", viewId =    "/confirmauthentication.jsf")})
                public class BeanJSF implements Serializable  {

            private String password;
            private String userName;
                // User is the Entity
                private User loggedUser;



            @EJB
            UserEJB services;


                public String submit() throws IOException {
            System.out.println("I am in the login method!!!!!!!! " + getUserName()+ "  " + getPassword());   

                FacesContext context = FacesContext.getCurrentInstance();
                ExternalContext externalContext = context.getExternalContext();
                HttpServletRequest request = (HttpServletRequest) externalContext.getRequest();

                try {
                         request.login(userName, password);


               User user = services.authenticationUser(userName, password);  
                    this.setLoggedUser(user);
                    return "home?faces-redirect-true";

                } catch (ServletException e) {
                    // Handle unknown username/password in request.login().
                    context.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR,"Unknown login", null));
                    return null;
                }
            }

            public void logout() throws IOException {
                ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
                externalContext.invalidateSession();
                externalContext.redirect(externalContext.getRequestContextPath() + "/authentication.xhtml");
            }

               //+ setters and getters for username, password and loggedUser
        }

我的EJB是:

                @Stateless
                public class UserEJB{


                @PersistenceContext(unitName = "PyPersistenceUnit")
                private EntityManager entityManager;

                 public UserEJB(){}

                @TransactionAttribute(TransactionAttributeType.REQUIRED)
                public User authenticationUser(String userName, String password){


                try{
                 User user = entityManager.createNamedQuery(User.FIND_USER,User.class). setParameter("userName", userName).setParameter("password", password).getSingleResult();
                 return user;
            }
            catch(NonUniqueResultException ex){
                ex.printStackTrace();
                return null;
            }
            catch(NoResultException ex){
                ex.printStackTrace();
                return null;
            }
                }

1 个答案:

答案 0 :(得分:3)

您的bean不是由JSF管理的,因此JSF无法在任何地方找到bean。

将JSF bean管理注释添加到类中。

@ManagedBean
@RequestScoped
public class BeanJSF implements Serializable {
    // ...
}