i’ve problem when integrated jsf 2.0, springframeork 3.0.2 and primefaces
in this case i’m using spring security [login.jsp] for authentication user and it works, but i wanna change it to jsf page [login.jsf include in jsf templates].
i means : when application running, The first page is displayed first home page template [home.jsf] with login.jsf in it
anyone give me suggest for this problem…:D
thx agung
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Production</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/app-config.xml</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_LIBRARIES</param-name>
<param-value>/WEB-INF/springsecurity.taglib.xml</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<servlet>
<servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/app-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>faces/index.jsp</welcome-file>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
security.xml
<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
xmlns:b="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<http realm="Project Realm" auto-config="true" use-expressions="true">
<intercept-url pattern="/auth/**" filters="none"/>
<intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')"/>
<intercept-url pattern="/users/**" access="hasRole('ROLE_USER')"/>
<intercept-url pattern="/**" access="hasAnyRole('ROLE_ADMIN','ROLE_USER')"/>
<form-login login-page="/auth/login.jsp" authentication-failure-url="/auth/login.jsp?login_error=1"/>
<logout logout-success-url="/auth/login.jsp"/>
<remember-me />
</http>
<authentication-manager>
<authentication-provider>
<password-encoder hash="md5"/>
<jdbc-user-service data-source-ref="dataSource" />
</authentication-provider>
</authentication-manager>
</b:beans>
jsf page with template, tempHome.xhtml
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:p="http://primefaces.org/ui"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:h="http://java.sun.com/jsf/html"
style="overflow: hidden">
<h:head>
<title>Facelets Template</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link href="./../resources/css/default.css" rel="stylesheet" type="text/css" />
<link href="./../resources/css/userCssLayout.css" rel="stylesheet" type="text/css" />
<link href="./../resources/css/layout.css" rel="stylesheet" type="text/css" />
</h:head>
<h:body>
<div id="top">
<ui:insert name="top">
</ui:insert>
</div>
<div>
<div id="left">
<ui:insert name="left"></ui:insert>
</div>
<div>
<div id="right">
<ui:insert name="right"></ui:insert>
</div>
<div id="content" class="right_content">
<table style="width: 100%;">
<tbody>
<tr align="left">
<td width="0%"></td>
<td>
<ui:include src="./../userPage/userMenubar.xhtml"/>
</td>
<td>
<ui:include src="./../pageLogin/userLogin.xhtml"/>
</td>
</tr>
</tbody>
</table>
<ui:insert name="content">
</ui:insert>
</div>
</div>
</div>
<div id="bottom">
<ui:insert name="bottom"></ui:insert>
</div>
</h:body>
index.jsp
<% response.sendRedirect("userPage/home.jsf"); %>
userLogin.xhtml
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:p="http://primefaces.org/ui"
xmlns:h="http://java.sun.com/jsf/html">
<h:head>
<title>Facelet Title</title>
</h:head>
<h:body>
<h:form style="height: 50px; font-size: 10px;">
<p:toolbar>
<p:toolbarGroup align="left">
<p:separator />
<h:outputText value="Username : "/>
<p:inputText value="#{memberBean.selected.username}"/>
<h:outputText value="Password : "/>
<p:password value="#{memberBean.selected.password2}" feedback="false"/>
<p:commandButton value="Login" actionListener="#{memberBean.cek()}"/>
<p:commandButton type="button" title="Save" icon="ui-icon-disk"/>
</p:toolbarGroup>
<p:toolbarGroup align="right">
<p:menuButton value="Options">
<p:menuitem value="Home" url="http://www.primefaces.org" />
<p:menuitem value="ShowCase"
url="http://www.primefaces.org/showcase" />
<p:menuitem value="TouchFaces"
url="http://www.primefaces.org/showcase/touch" />
</p:menuButton>
</p:toolbarGroup>
</p:toolbar>
</h:form>
</h:body>
</html>
May sound trivial but did you try replacing login.jsp with login.jsf path in security.xml? You would have to exclude required files from intercepted URLs of course. Test it without this line to begin with:
The above line is not a good idea really, it will block your css files, javascript, images that may be required by login page. I prefer to restrict access to specific areas and keep resources accessible by default.
Also keep in mind login page may be loaded thousand times under some circumstances – broken scripts, inhouse server status monitoring etc. Plain jsp page should be processed much faster.