Search code examples
jsfservletsicefaces

Login into JSF/IceFaces3 application via SSO

I have a JSF/IceFaces3 application running. This application should run in an intranet environment after login to it via SSO. Boss told me to provide him with a link he can call like:

http://companieserver/FancyApplcation/indexsso?name=[username]&psw=[userpassword]

As a newcomer i created a servlet and mentioned it in web.xml

<servlet>
    <description>SSO Login calling with given Parameters Managed
 AuthenticationService</description>
    <display-name>SsoLogin</display-name>
    <servlet-name>SsoLogin</servlet-name>
    <servlet-class>de.bws.bewerberverwaltung.security.SsoLogin</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>SsoLogin</servlet-name>
    <url-pattern>/indexsso</url-pattern>
  </servlet-mapping>
....

From this SsoLogin Servlet I want to redirect to the JSF/IceFaces3 application. Here my aproach:

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    FacesContext facesContext = getFacesContext(request, response);
    LoginBean loginBean = (LoginBean)getManagedBean("loginBean", facesContext);

    String login = request.getParameter("name");
    String psw = request.getParameter("psw");

    loginBean.setLogin(login);
    loginBean.setPassword(psw);

    String value = loginBean.login();

    System.out.println("SsoLogin result: " + value);
    request.getRequestDispatcher(value).forward(request, response);
}

The value that comes from loginBean is customeroverview.xhtml file that is in my project.

The behaviour is that server presents me a white page. When i view the source code of the page it looks like it should be. I tried also to send a redirect whith same result.

Maybe it is not the best way to jump from an servlet directly into a JSF applcation, but obviously it worked.

Any hint to solve this problem?

Solution

  • JSF pages are supposed to be processed by the FacesServlet. In order to get it to run, the request URL has to match the <url-pattern> of the FacesServlet. Otherwise the JSF components won't be generate HTML and you end up with a -to the browser- unintelligible response containing a bunch of JSF tags instead of HTML elements.

    You don't want to perform a forward after login, but a redirect. So you should definitely use sendRedirect() instead of forward(). whatever URL you pass to sendRedirect(), it has to match the <url-pattern> of the FacesServlet. If it's for example *.jsf, then it should ultimately look like this:

    response.sendRedirect(request.getContextPath() + "/home.jsf");