Questions tagged [protected-views]

I been working in a project with JSF 2.2 and a requeriment is to pass the Acunetix vulnerabilities validation. I active protected-views (https://www.oracle.com/webfolder/technetwork/tutorials/obe/java/JSF-CSRF-Demo/JSF2.2CsrfDemo.html) but still the…

I'm currently having trouble regarding the token generated by of JSF. I added the page I want to protect in faces-config.xml /restricted/account-management/users.xhtml …

In JSF 2.2 new component was introduced and more importantly along with it a way to protect pages, that leverage this functionality, from CSRF attacks. The feature is mentioned in the JSF 2.2 specification: Call…

I have a project running with Spring + JSF with the security managed by Spring Security. Although I have part of the integration of Spring Security already set (protected views, roles and login form) I have come to a bump in the road when trying to…