It looks like the problem is that you're using prefix-mapping, but your
login config assumes suffix. Try this (Note the change in the error
page mapping as well):
<login-config>
<auth-method>FORM</auth-method>
<realm-name>realm/MINIpayRealm</realm-name>
<form-login-config>
<form-login-page>/faces/login.xhtml</form-login-page>
<form-error-page>/faces/error.xhtml</form-error-page>
</form-login-config>
</login-config>
On 3/25/11 3:15 PM, java4dev wrote:
> First let me thank you all for your responses.
>
> I am using NetBeans 7 with JSF 2.0. The web.xml is generated by
> NetBeans but I verified everything manually..
> This is basically the hello1_formauth tutorial example in glassfish 3.1
> I only added my custom made realm for authentication and wanted to
> test the login page.
> My concern is that code like the one below i not working,
> <h:commandLink value="#{bundleAccess['login.forgot.password']}"
> action="forgotPassword" />
>
> and if the login.jsf is not pure html nothing else works.
> By the way the authentication works ok, I just want to create a
> reacher login page to have links like forgotPassword Register etc.
>
>
> <?xml version="1.0" encoding="UTF-8"?>
> <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
> http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
> <context-param>
> <param-name>javax.faces.PROJECT_STAGE</param-name>
> <param-value>Development</param-value>
> </context-param>
> <servlet>
> <servlet-name>Faces Servlet</servlet-name>
> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
> <load-on-startup>1</load-on-startup>
> </servlet>
> <servlet-mapping>
> <servlet-name>Faces Servlet</servlet-name>
> <url-pattern>/faces/*</url-pattern>
> </servlet-mapping>
> <servlet-mapping>
> <servlet-name>Faces Servlet</servlet-name>
> <url-pattern>/hello1_formauth/*</url-pattern>
> </servlet-mapping>
> <session-config>
> <session-timeout>
> 30
> </session-timeout>
> </session-config>
> <welcome-file-list>
> <welcome-file>faces/index.xhtml</welcome-file>
> </welcome-file-list>
> <security-constraint>
> <display-name>Constraint1</display-name>
> <web-resource-collection>
> <web-resource-name>wrcoll</web-resource-name>
> <description/>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <description/>
> <role-name>role/user</role-name>
> </auth-constraint>
> </security-constraint>
> <login-config>
> <auth-method>FORM</auth-method>
> <realm-name>realm/MINIpayRealm</realm-name>
> <form-login-config>
> <form-login-page>/login.jsf</form-login-page>
> <form-error-page>/error.xhtml</form-error-page>
> </form-login-config>
> </login-config>
> <security-role>
> <description/>
> <role-name>role/user</role-name>
> </security-role>
> </web-app>
>
>
> Στις 25/3/2011 7:50 μμ, ο/η Jason Lee έγραψε:
>> And what's your FacesServlet mapping (i.e., prefix or suffix)?
>>
>> On 3/25/11 12:47 PM, Shing Wai Chan wrote:
>>> Do you set up the security constraint in web.xml?
>>>
>>> On 3/25/11 10:39 AM, java4dev wrote:
>>>> I have exactly the same configuration in my web.xml file.
>>>> Changing the suffix to .jsf does not change anything.
>>>> no jsf tags are processed
>>>>
>>>> Στις 25/3/2011 3:58 μμ, ο/η Jason Lee έγραψε:
>>>>> You can use a JSF page for your login page. As I noted, we do that
>>>>> in GlassFish. My guess is that your security config wasn't quite
>>>>> right, and was directing the browser to login.xhtml and not
>>>>> login.jsf. Here's the relevant part of the GlassFish Admin
>>>>> Console's web.xml:
>>>>>
>>>>> <login-config>
>>>>> <auth-method>FORM</auth-method>
>>>>> <realm-name>admin-realm</realm-name>
>>>>> <form-login-config>
>>>>> <form-login-page>/login.jsf</form-login-page>
>>>>> <form-error-page>/loginError.jsf</form-error-page>
>>>>> </form-login-config>
>>>>> </login-config>
>>>>>
>>>>> Once you have that correct, you should be able to use any JSF
>>>>> components you wish, though your form (and probably its input
>>>>> elements) will need to be a regular HTML form, as h:form doesn't
>>>>> let you specify an action.
>>>>>
>>>>> On 3/24/11 8:24 PM, java4dev wrote:
>>>>>> the browser is requesting one of the secured pages e.g. the
>>>>>> index.xhtml
>>>>>> I have placed the security constraints in the web.xml file so
>>>>>> that form authentication is activated for my custom realm
>>>>>>
>>>>>> I changed the page to pure html code and the authentication is
>>>>>> now working.
>>>>>> I have two questions though, it is obvious that nothing jsf based
>>>>>> works with this approach.
>>>>>> how do I use bundles in this page if I want to provide a
>>>>>> localized login page?
>>>>>> how do I create a link to call a jsf page e.g. the register.xhtml?
>>>>>>
>>>>>> Isn't there any way that I can provide my own jsf pages for
>>>>>> login, registration?
>>>>>> Would programmatic login be a solution to this problem?
>>>>>> But then if programmatic login is the solution how will I define
>>>>>> this in the web.xml file?
>>>>>>
>>>>>>
>>>>>>
>>>>>> Στις 24/3/2011 4:11 μμ, ο/η Jason Lee έγραψε:
>>>>>>> What URL is the browser requesting? It should be login.jsf.
>>>>>>>
>>>>>>> For what it's worth, once you solve the processing issue, I
>>>>>>> expect the page might break as h:commandButton and h:commandLink
>>>>>>> require that they are enclosed in h:form. For this login form,
>>>>>>> I think you're going to want to use regular HTML forms and
>>>>>>> inputs. The GlassFish Admin Console login form does the same thing.
>>>>>>>
>>>>>>> On 3/24/11 3:12 AM, java4dev wrote:
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>> I am trying to use form authentication, because I want to allow
>>>>>>>> users to register if they are not members but
>>>>>>>> I have the following problem,
>>>>>>>> The login.xhtml file is attached
>>>>>>>>
>>>>>>>> Now my problem is that when I try to access a page where the
>>>>>>>> form should I appear I get in Safari
>>>>>>>> Username:Password:
>>>>>>>> In mozilla I get a message that the XML has no format information.
>>>>>>>>
>>>>>>>> It seems that the source sent by the server is
>>>>>>>>
>>>>>>>> <?xml version='1.0' encoding='UTF-8' ?>
>>>>>>>> <!DOCTYPE composition PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
>>>>>>>> <ui:composition xmlns:ui="http://java.sun.com/jsf/facelets"
>>>>>>>> template="./../templates/TemplateHeaderFooter.xhtml"
>>>>>>>> xmlns:h="http://java.sun.com/jsf/html">
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> <ui:define name="content">
>>>>>>>> <form method="POST" action="j_security_check">
>>>>>>>> <h:outputLabel for="j_username">Username:</h:outputLabel>
>>>>>>>> <h:inputText id="j_username" required="true" />
>>>>>>>> <h:message for="j_username" />
>>>>>>>> <h:outputLabel for="j_password">Password:</h:outputLabel>
>>>>>>>> <h:inputSecret id="j_password" required="true" />
>>>>>>>> <h:message for="j_password" />
>>>>>>>> <h:commandButton value="Login" />
>>>>>>>> <h:commandLink value="Register" action="registerUser" />
>>>>>>>> </form>
>>>>>>>> </ui:define>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> </ui:composition>
>>>>>>>>
>>>>>>>> It seems as the page is not been parsed/rendered properly.
>>>>>>>> The template is not integrated and no html code is generated.
>>>>>>>>
>>>>>>>> Are there any ideas on how to solve this issue.
>>>>>>>>
>>>>>>>> thank you
>>>>>>>>
>>>>>>>> Nikolas
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Jason Lee
>>>>>>> Senior Member of Technical Staff
>>>>>>> GlassFish REST API / Administration Console
>>>>>>>
>>>>>>> Oracle Corporation
>>>>>>> Phone +1 405-216-3193
>>>>>>> Bloghttp://blogs.steeplesoft.com
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Jason Lee
>>>>> Senior Member of Technical Staff
>>>>> GlassFish REST API / Administration Console
>>>>>
>>>>> Oracle Corporation
>>>>> Phone +1 405-216-3193
>>>>> Bloghttp://blogs.steeplesoft.com
>>>>
>>>
>>
>>
>> --
>> Jason Lee
>> Senior Member of Technical Staff
>> GlassFish REST API / Administration Console
>>
>> Oracle Corporation
>> Phone +1 405-216-3193
>> Bloghttp://blogs.steeplesoft.com
>
--
Jason Lee
Senior Member of Technical Staff
GlassFish REST API / Administration Console
Oracle Corporation
Phone +1 405-216-3193
Blog http://blogs.steeplesoft.com