1

I am creating an activation, triggered after clicking an URL in an e-mail from registration. I would like to execute my bean Activate.java immediately, instead of creating an xhtml page with something like #{validate}.

I do not need any xhtml file because the user will be redirected to login. What is the best way of achieving this?

Note, I am using JSF 2.0.

Fritz
  • 9,987
  • 4
  • 30
  • 49
Menno
  • 12,175
  • 14
  • 56
  • 88
  • 1
    So, in short, the flow is User receives mail > User clicks link > User arrives to the normal login page but the account is activated? This url has a parameter to define the activation or any kind of generated code that defines which account must be activated, right?. – Fritz Oct 19 '12 at 15:16
  • Well, maybe not the login page but a page with some successtext. But that means I could just load this successpage and run the validation. So in conclusion I have asked a rather dumb question, I can just trigger the action at the destinationpage. – Menno Oct 19 '12 at 15:20
  • Well, no question is dumb. I was going to suggest something similar to what BalusC just suggested, I'd go that way. – Fritz Oct 19 '12 at 15:23

1 Answers1

3

Use a servlet.

@WebServlet("/activate")
public class ActivationServlet extends HttpServlet {

   @EJB
   private ActivationService service;

   @Override
   protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
       String key = request.getParameter("key");

       // ...

       response.sendRedirect(request.getContextPath() + "/login.xhtml");
   }

}

This will be invoked when you call http://localhost:8080/contextpath/activate?key=42.

You'll only miss JSF validation facility as possible with <f:viewParam>. What do you want to do if key is missing or invalid?

Community
  • 1
  • 1
BalusC
  • 1,082,665
  • 372
  • 3,610
  • 3,555
  • Great, this is exactly the kind of thing I was looking for. I think this is a cleaner way then calling activation from the destination page. Thanks for your fast and complete answer. – Menno Oct 19 '12 at 15:28
  • Regarding your question about validation facility, my only issue would be the escaping of potential malicious GET-parameters. This would indeed be provided when using ``. Would StringEscapeUtils from Apache.commons be the way to go here, or should I stick with a preceding xhtml file? – Menno Oct 19 '12 at 15:40
  • 1
    That's not exactly a problem as long as you use parameterized queries. The problem is more, what if the key is missing or non-existent? Wouldn't you rather show an error message instead of redirecting to login page? See for example also http://stackoverflow.com/questions/7488211/jsf-how-to-hit-a-bean-method-and-redirect-based-on-a-get-variable/7488313#7488313 – BalusC Oct 19 '12 at 15:41
  • Perhaps that would be a more appropriate way to inform the user, yes. I hadn't even considered this possibility. Thanks for your time and great input! – Menno Oct 19 '12 at 15:47