Announcement Announcement Module
Collapse
No announcement yet.
a workaround for custom login bean Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • a workaround for custom login bean

    For the past days I've been trying like crazy to create a jsf loginBean for my app but I did not find a working example nor figured it out by myself, so I came with a, what a believe to be ugly, solution, as follows:

    HTML Code:
    <p:dialog id="dialog" widgetVar="dlg" closable="false" draggable="false" resizable="false" header="Login" visible="true">
                <h:form>    
                    <p:panelGrid columns="2">
    
                        <p:outputLabel for="username" value="Usuário:"/>
                        <p:inputText id="username"
                                     title="Preencha com o seu usuário (login)."
                                     required="false"
                                     value="#{loginBean.usuario}"/>
    
                        <p:outputLabel for="password" value="Senha:"/>
                        <p:password id="password"
                                    title="Preencha com a sua senha."
                                    required="true"
                                    value="#{loginBean.senha}"/>
    
                        <f:facet name="footer">
                            <p:commandButton value="Entrar"
                                             actionListener="#{loginBean.doLogin}"
                                             oncomplete="handleLoginRequest(xhr, status, args)"/>
                        </f:facet>
    
                    </p:panelGrid>
                </h:form>
    
    <form id="form_spring" hidden="true" action="j_spring_security_check" method="post">  
                    <h:panelGrid columns="2" cellpadding="3">  
                        <h:outputLabel for="j_username" value="Login:" />  
                        <p:inputText 
                            id="j_username" required="true" label="login" />                    
                        <h:outputLabel for="j_password" value="Senha:" />  
                        <p:password feedback="false" minLength="6"  
                                    id="j_password" required="true" label="senha" />  
                    </h:panelGrid>  
                    <center>    
                        <h:commandButton id="b_login" value="Login" style="width:80pt"/>
                    </center>
                </form>
            </p:dialog>
    <script type="text/javascript">  
                function handleLoginRequest(xhr, status, args) { 
    
                    if(args.validationFailed || !args.loggedIn) { 
                     jQuery('#dialog').effect("shake", { times:3 }, 100);  
    
                    } else {  
    
                        dlg.hide();
    
                        document.getElementById("j_username").setAttribute("value", document.getElementById('login').getAttribute('value'));
    
                        document.getElementById("j_password").setAttribute("value", document.getElementById('senha').getAttribute('value'));
    
                        document.getElementById("b_login").click();
                    }  
                }
                
                function setVariab(){
                    document.getElementById("j_username").setAttribute("value", "");
                    document.getElementById("j_password").setAttribute("value", "");
                }
            </script>
    It consists of a form withina form, the second being triggered by the first one, if the user input return true from the loginBean.doLogin.
    My point is: this is obviously a preposterous solution, but it works.
    I would like to know if there's some kind of security breach or problems with that, and if someone can give/point me a functional example of a @ManagedBean/@Named controller for login, please!
Working...
X