0

As I was told and found on websites, my bean will only be executed if I have a call for it on my .xhtml.

Is it possible to call my bean without any EL expression?

I need this because my HomeController is calling a method that checks for the session status and on my home.xhtml and don't have any need for fall this bean, for now.

Improve this question
2
  • You can call it from another bean or from phase listener or from somewhere else. Could you clarify your question? Commented Apr 27, 2012 at 17:28
  • I have edited it, please see if more information is required. Commented Apr 27, 2012 at 17:29

1 Answer 1

Reset to default
2

You need to look for a solution in a different direction.

If you're homegrowing user authentication instead of using container managed authentication, then you normally use a servlet filter for the particular purpose of checking if an user is logged in or not.

The servlet filter can like as servlets (like FacesServlet) be mapped on a particular URL pattern. It will then be invoked on every request matching that URL pattern. You can explore request/session data in the filter and then handle the request/response accordingly by either continuning the filter chain, or by sending a redirect.

You need to implement javax.servlet.Filter interface accordingly. Here's a kickoff example of how the doFilter() method should be implemented assuming that you've a @SessionScoped managed bean LoginController. JSF stores session scoped managed beans as attributes of HttpSession.

@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;
    HttpSession session = request.getSession(false);
    LoginController loginController = (LoginController) (session != null) ? session.getAttribute("loginController") : null;

    if (loginController == null || !loginController.isLoggedIn()) {
        response.sendRedirect(request.getContextPath() + "/login.xhtml"); // No logged-in user found, so redirect to login page.
    } else {
        chain.doFilter(req, res); // Logged-in user found, so just continue request.
    }
}

Map this filter on an URL pattern covering the restricted pages, e.g. /app/*. 

@WebFilter("/app/*")
public class LoginFilter implements Filter {
    // ...
}

Update if the login.xhtml is also covered by this URL pattern and you really can't change it, then change the if block as follows:

if (!request.getRequestURI().endsWith("/login.xhtml") && (loginController == null || !loginController.isLoggedIn())) {
    // ...
}
Improve this answer
Sign up to request clarification or add additional context in comments.

14 Comments

creating this class I got a list of 5 Filter classes, which is the correct?
javax.servlet.Filter. See also the links in the answer.
yeah..I got that, still one doubt...the @WebFilter, what does it do?
It registers the servlet filter for the webapp, like as @ManagedBean registers the JSF managed bean for the webapp. Previously this was done by XML configuration files. E.g. <filter> in web.xml and <managed-bean> in faces-config.xml. Again, click the link, it's explained in there as well :)
Yes, it is possible. Just add !request.getRequestURI().endsWith("/login.xhtml") to the if block for the case you need to skip login.xhtml. See updated answer.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.