Been struggling with this for a bit now.
I have an Apache Shiro login.xhtml page that loads at startup.
Once authenticated, the user is redirected to an index.xhtml page in the same folder as the Apache Shiro login.xhtml page (both are in the webapp folder).
I want to prevent non-authenticated users from loading the UI by using this in my index.xhtml:
```xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:f="http://xmlns.jcp.org/jsf/core"
      xmlns:c="http://xmlns.jcp.org/jsp/jstl/core"
      xmlns:h="http://xmlns.jcp.org/jsf/html"
      xmlns:ui="http://xmlns.jcp.org/jsf/facelets"
      xmlns:pt="http://xmlns.jcp.org/jsf/passthrough"
      xmlns:jsf="http://xmlns.jcp.org/jsf"
      xmlns:p="http://primefaces.org/ui"
      xmlns:o="http://omnifaces.org/ui"
      xmlns:of="http://omnifaces.org/functions">
    <c:if test="${authUserDetail.userAuthenticated}">
        <ui:composition template="/WEB-INF/templates/masterTemplate.xhtml">
            <ui:define name="title">Title Page</ui:define>
            <ui:define name="content">
                <ui:include src="/WEB-INF/home/home_page.xhtml"/>
            </ui:define>
        </ui:composition>
    </c:if>
    <c:if test="${!authUserDetail.userAuthenticated}">
        <h:outputLabel
                value="You are not authorized to access this page."/>
    </c:if>
</html>
```
With a backing bean AuthUserDetail.java looking like this:
```java
package com.mycomp.view.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.omnifaces.cdi.ViewScoped;

import javax.annotation.PostConstruct;
import javax.inject.Named;
import java.io.Serializable;

@Named
@ViewScoped
public class AuthUserDetail implements Serializable {

    private boolean userAuthenticated = false;

    public AuthUserDetail() {
        Subject currentUser = SecurityUtils.getSubject();
        this.userAuthenticated = currentUser.isAuthenticated();
    }

    public boolean isUserAuthenticated() {
        return userAuthenticated;
    }

    public void setUserAuthenticated(boolean userAuthenticated) {
        this.userAuthenticated = userAuthenticated;
    }
}
```
If I test by replacing the `<ui:composition...` code with only a single `<h:outputLabel>`, it seems to work. But using it as is always renders the complete page, even if the user is not logged in (using Google Chrome's incognito feature).
What am I missing?
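
The same requirement can be enforced in Shiro's URL filter chain, which runs before any Facelets view is built, instead of inside index.xhtml. The fragment below is an added example, not part of the original post. It assumes the application is configured through a `shiro.ini` file, uses Shiro's default `authc` and `anon` filters, and serves JSF resources under `/javax.faces.resource/`.

```ini
# shiro.ini (constructed example; the file name and filter choices are assumptions)

[main]
# Unauthenticated requests for a protected URL are redirected to the login page.
authc.loginUrl = /login.xhtml

[urls]
# The first matching pattern wins, so the exceptions come before the catch-all.

# The login page itself must stay reachable without a session.
/login.xhtml = anon

# CSS, JavaScript and images that the login page needs (JSF 2.x resource path).
/javax.faces.resource/** = anon

# Everything else, including /index.xhtml, requires Subject.isAuthenticated(),
# the same condition the AuthUserDetail bean evaluates. The decision is made by
# the servlet filter, so it does not depend on markup in the view: Facelets
# ignores content placed outside <ui:composition>, including a surrounding <c:if>.
/** = authc
```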