I have several page that are used for administering. But now every one could enter it if they input right url. I want to redirect them to the login page if they aren't login. How to achieve it? JSF 2.1
Asked
Active
Viewed 128 times
1
-
Are you aware of container managed security? Please search google for container managed security and you will find as much info as you want – Prasad Kharkar Jun 10 '13 at 07:36
-
More specifically you can look for declarative security for web application – me_digvijay Jun 10 '13 at 07:41
-
possible duplicate of [How to handle authentication/authorization with users in a database?](http://stackoverflow.com/questions/9965708/how-to-handle-authentication-authorization-with-users-in-a-database) – BalusC Jun 10 '13 at 13:26
1 Answers
1
there are several libraries or mechanisms to protect your pages from un-authorized users. In a Java EE environment you usually use the features from the application server and configure some security constraints in web.xml
If you want to rely on a more independent technology I can recommend Spring Security: http://www.springsource.org/spring-security (if you are using spring already that would be my first choice) and Apache Shiro: http://shiro.apache.org/ (which to me is a slightly simpler to understand)
The manual approach would be to create a Servlet-Filter in web.xml to protect certain urls (both frameworks above work like that).
Arjan Tijms
- 37,353
- 12
- 107
- 135
wemu
- 7,582
- 3
- 31
- 54