RichFaces - How to handle external Login Mechansim like OpenID
Today I found a solution for a login problem I was faced with since a long time using RichFaces and Facelets in my JEE Web App.
The problem was that my Login Form uses an external login mechanism (OpenID) to log in the user.
After the first successful login the RichFaces page is not loaded correctly (styles and scripts are not loaded). If the user reloads the page after the first login everything works well.
I saw that some people are faced with this problem in similar situations. So I will try to explain my solution I found today.
My application has to areas - a unrestricted (/*) and a restricted (/secured/*) area. So when the user try to access a restricted (RichFaces) page (e.g. /secured/page-a.jsf) my loginForm - located in the unrestricted area (/login.jsf) appears. So the user can first perform a login. Typical for OpenID the login mechanims is handled by a Servlet. The Servlet knows the first Request to the restricted page. After successful login the Servlet will redirect the user again to that restricted page. But this (RichFaces)page now will not be rendered correctly because the request goes no longer through the RichFaces Servlet Filter. So CSS and Scrips will not be loaded!
I solved this situation as I changed the startup mechanism of my application. The first thing the user will see is the Loginpage itself! The LoginPage is located in an unrestricted area. Now after the user logged in successfull, the login form (servlet) will redirect the user to an restricted RichFaces Page. And in this case the restricted RichFaces Page will be rendered correctly as the full request goes now through the RichFaces Servlet Filter. This works as there is no cascading redirect through different servlets.
I know that this sounds a little bit confusing but it works for me. If you have found other solutions for that problem please let me know.
Posted at 09:37AM Dez 07, 2008
Posted by: Ralph
Category: General
OpenID Authentification Modul for Glassfish
In the OpenSSO Project on dev.java.net you can find an extension for OpenID. With this OpenID Module which is based on jsr-196 it is easy to use OpenID authentification in a JEE Application running on Glassfish. Additional Informations about the JSR-196 can be found here.
To build the Sources of hte OpenID Authentification Module is very easy as the project is based on maven. So first check out the sources form the jsr-196 project inside cvs code repository
https://opensso.dev.java.net/source/browse/opensso/extensions/jsr196/
The hostname for the cvs repository is : cvs.dev.java.net
Repoistory path is : /cvs
Connection type is: pserver
You just need to check out the jsr-196 project which is found under /opensso/extensions
After you have checked out the sources you can run a maven install directly to build the libary. Information about Maven you find here .
After you run the maven install you have a library called
sam.openid-x.x.x.jar
Copy this jar into your glassfish/lib folder. Thats it.
You can now configure a new HTTP Messaging Provider as described here. The provider class name for the OpenID Autentification Module is : com.sun.security.sam.openid.OpenIDServerAuthModule
Posted at 08:52AM Nov 08, 2008
Posted by: Ralph
Category: General
Glassfish and OpenID
Currently I am working on a solution to authenticate users with an OpenID in a JEE Application running on Glassfish. I need this Integration for a Workflow Application using the IX JEE Worklfow.
After searching for java based OpenID Solutions for Web applications I come to the end that the JRS-196, Java Authentication Service Provider Interface
for Containers is one of the most auspicious solutions for JEE and Glassfish. But its not easy in the moment to find a running modul on this technologie. There is a very important blog about the concepts behind JRS-196 from Ron Monzillo. And also there I started a discussion in the java.net forum about the best way of integration. I will update my results in this blog the next time.
Posted at 10:34AM Okt 12, 2008
Posted by: Ralph
Category: General