All geek questions in one place

Best user authentication practice in JSF 2.0?

I am looking for the best way how I can do user authentication in my JSF web project. I found this very good example from BalusC when overflowing (by the way, thanks to BalusC). But I do not understand this System.

I wrote a registration page. After registration, the user enters my database. But who can use j_security_check to verify a user from my database?

In my web project, I do not have a site for users and non-users. When a user logs in, so he sees more options, for example, he can publish text. Who can I check this out? Can I save a custom class with user data at login and check:

if(user != null){ <h:inputText value="User Only Text" id="text" /> }

But I think this method is not very elegant. Also my question is the best way to log in a user and show the actual user more options on the web page than not the user.

Thanks and sorry for my bad english.

+4
source share
2 answers

But how can I use j_security_check to validate a user from my database?

This article explains how to use HTTP FORM authentication in conjunction with Glassfish's JDBC realms.

What is the best way to make a user login and show the actual user more options on the web page than not the user.

Basically, you need to check if the user has an appropriate role in order to see the β€œoptions”. Take a look at ExternalContext#isUserInRole(String)

+3
source

Just declare user as session-controlled bean and use the rendered attribute.

 <h:inputText value="User Only Text" id="text" rendered="#{user != null}" />
+4
source

Source: https://habr.com/ru/post/1302021/

More articles:


All Articles