users@javaserverfaces.java.net

RE: Re: How do I use JSF with JAAS or what is the standard security approach for JSF?

From: Todd Patrick <Todd.Patrick_at_dtn.com>
Date: Thu, 24 Apr 2008 14:46:12 -0500

Thank you everyone. I'll work with Acegi and see how well that integrates into the application running on Sun Java System Application Server 9.1_01. ________________________________ From: paksegu [mailto:paksegu@yahoo.com] Sent: Thursday, April 24, 2008 2:35 PM To: users@javaserverfaces.dev.java.net Subject: Re: How do I use JSF with JAAS or what is the standard security approach for JSF? <http://www.ibm.com/i/c.gif> developerWorks <http://www.ibm.com/developerworks/> > Java technology <http://www.ibm.com/developerworks/java/> > <http://www.ibm.com/i/c.gif> Securing Java applications with Acegi, Part 5: Protecting JavaBeans in JSF applications http://www.ibm.com/developerworks/java/library/j-acegi5/?S_TACT=105AGX02 &S_CMP=HP Todd Patrick <Todd.Patrick@dtn.com> wrote: I have been searching for concrete real world examples of using JAAS with JSF and there seems to be a lot of adhoc implementations. Getting JAAS to work with JSF has been a real nightmare and I was wondering if anyone could provide any information on how they approached this or any examples that I may be missing. Today, I have a user log in on a JSP page to utilize the j_security_check in JAAS and then I redirect the user to a page in my JSF based application. I also have to update the faces-config.xml and add the <redirect/> element to each of my navigation-cases in order for the HTTP header to contain the data needed for JAAS. Does this sound right? Thanks, --Todd NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. Ransford Segu-Baffoe paksegu@yahoo.com https://serenade.dev.java.net/ http://www.noqturnalmediasystems.com/ ________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. <http://us.rd.yahoo.com/evt=51733/*http://mobile.yahoo.com/;_ylt=Ahu06i6 2sR8HDtDypao8Wcj9tAcJ> ----------------------------------------- NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.