4

How to implement j_security_check with Primefaces? Normally in JSP if you want to use JAAS for login, the login form generally is:

<form action="j_security_check" method="POST">
   Username:<input type="text" name="j_username"><br>
   Password:<input type="password" name="j_password">
   <input type="submit" value="Login">
</form>

But how do we implement it in JSF or in Primefaces!

  • What will be the action
  • How do we get rid of id or name like formId:componentId
  • Also the p:commandButton is ajaxified in Primefaces by default, so how does it submit the form in non-ajax way

I had a requirement to implement the JAAS form authentication with Primefaces and I am sharing the solution here; it might come handy to someone.

Tapas Bose
  • 28,796
  • 74
  • 215
  • 331
  • 1
    Related/dupe: http://stackoverflow.com/questions/2206911/best-way-for-user-authentication-on-javaee-6-using-jsf-2-0/2207147#2207147 – BalusC Nov 29 '12 at 11:56

2 Answers2

18

The solution is pretty straightforward.

  • You need to define the h:form with prependId="false", so that it will not generate id or name of the component as formId:componentId.
  • You need to defined the action="j_security_check" in the h:form as onsubmit="document.getElementById('login').action='j_security_check';"
  • Set the ajax attribute of the p:commandButton to false, so that the form doesn't get submitted in ajax way.

That's it. Here is the complete code of the login form which can be replaced by the aforesaid form:

<h:form id="login" onsubmit="document.getElementById('login').action='j_security_check';" prependId="false">
    <h:panelGrid columns="2">
        <p:outputLabel for="j_username" value="Username" />
        <p:inputText id="j_username" name="j_username" />            
        <p:outputLabel for="j_password" value="Password" />
        <p:password id="j_password" name="j_password"/>
        <p:commandButton id="submit" value="Login" ajax="false"/>
    </h:panelGrid>
</h:form>

Thanks.

Tapas Bose
  • 28,796
  • 74
  • 215
  • 331
  • 6
    You can just use `
    ` instead of ``. No need for nasty JS code (which could at its own also be more simplified by removing `document.getElementById('login').` part).
     – BalusC Nov 29 '12 at 11:55
  • @BalusC sorry for the late comment but it looks like neither is the correct solution. I agree that the javascript is ugly - but if you use only `
    ` you can't use `id="submit"` in the `p:commandButton` and therefore the login won't work.... any idea if there is a cleaner solution?
     – OschtärEi Jun 06 '14 at 20:23
  • 1
    @OschtärEi: Just use `` with PF style classes on it. – BalusC Jun 06 '14 at 20:37
  • if you don't need an `id` for `` just use `` – phse Dec 10 '14 at 12:30
2

There is working (with Primefaces 5) code (removed name attributes from p:inputText and p:password, removed suggested by BalusC part):

<h:form id="login" onsubmit="action='j_security_check';" prependId="false">
    <h:panelGrid columns="2">
        <p:outputLabel for="j_username" value="Username" />
        <p:inputText id="j_username" />            
        <p:outputLabel for="j_password" value="Password" />
        <p:password id="j_password" />
        <p:commandButton id="submit" value="Login" ajax="false"/>
    </h:panelGrid>
</h:form>
kosolapyj
  • 121
  • 1
  • 3