How to implement multiple user Login using sessions in JSF
-
14-06-2021 - |
Question
I am new to JSF, I am working on web project.
I want to implement Login system, where multiple users can Login. Just like Facebook or any other website where you give username and password and access you account.
The other thing I want is, if a user is not logged in and he wants to access a (restricted) url he must be redirected to Login page.
I do not even know where to start, however I know how to do 'session tracking' in Servlet.
can anyone suggest me good example or help me by a sample code.
Solution
As far as I know JSF has no special authentication function.
- write your own authentication. Only suitable for very simple scenarios (no role based authorization, etc.)
- Write a Filter to control page access (check your session. If the user isn't logged in, redirect him to login page)
- Build a login page, check users credentials and set the login flag
- Build a logout method to erase the flag inside the users session
- use container manged security Java EE 5 Tutorial
- use third party library like Apache Shiro or Spring Security
OTHER TIPS
Save the login data in a session scoped Bean. Here you have a complete JSF tutorial with some examples and source code. Check the part about Managed Beans I.
A basic way to implement that is to check if the user is logged (there is a valid Login Bean stored in session) when he accesses a page. If it isn´t, redirect to login page. This is about checking if the user is logged in with Phase Listeners