voyent
Login Logout Example  XML
Forum Index -> General Help
Author Message
dim5b

Joined: 13/Sep/2007 00:00:00
Messages: 42
Offline



Is there any chance someone can post a working example of a user login logout operation using synchronousUpdate as: false.

Followed all the posts and comments patiently made by various users specially by edykory about session.invalidate() and session.removeAttribute(attr);

but it seems there is still many posts about this problem....

thanks in advance
dim5b

edykory


Joined: 27/Nov/2006 00:00:00
Messages: 332
Offline


I will post a nice example this evening.

Eduard
dim5b

Joined: 13/Sep/2007 00:00:00
Messages: 42
Offline


Great thanks really looking forward to it!!!!!!

Dimitri
edykory


Joined: 27/Nov/2006 00:00:00
Messages: 332
Offline


Here it is.
Just a very basic example, showing the following technics:
1. Login phase listener: it will protect all pageXXXX.iface accesses and redirects the user to the login page, if the user was not logged in
2. Logout with redirecting to the login page.

The navigation is really stupid ... just some very simple outputLinks, but could be anything.

The sample runs on JBoss 4.2 and is compiled with jdk 5
For other app servers (like tomcat or others) you might need some other jars as well (like commons-el.jar and el-ri.jar). Check icefaces documentation.

Good luck and enjoy coding!

Eduard
 Filename loginlogout.war [Disk] Download
 Description
 Filesize 3370 Kbytes
 Downloaded:  514 time(s)

dim5b

Joined: 13/Sep/2007 00:00:00
Messages: 42
Offline



Ok downloaded the example but still cant get my head round the problem...

the login page Has a request-scoped bean that implements the login action

in the login action the user object is looked up in the database and if found it is put in the http session using

Code:
	FacesContext.getCurrentInstance().getExternalContext().getSessionMap().put("userInfo", userInfo);
 


the user is then direct to lets say the main page of the application

using session.removeAttribute the session bean is invalidated upon logout

fine... up to here...

My first problem is...

If the userBean object created (session-scoped) implements Renderable the method to set the render manager, which should come from faces-config.xml is not called....

Code:
 
 
     public void setRenderManager(RenderManager manager) {
 	          if (manager != null) {
 	            renderer = manager.getOnDemandRenderer("demand");
 	            renderer.add(this);
 	        }
 	    }
 
 
 never called....
 


I have also read

http://www.icefaces.org/JForum/posts/list/4351.page

concerning session-scoped-beans while implementing RenderManager
and created the request scoped bean to get the reference state of the
session bean...

My question is therefore how can i inject the RenderManager (application-scoped bean) to the UserBean...obviously have put it in faces-config

Code:
 	<managed-bean>
 		<managed-bean-name>
 		userbean</managed-bean-name>
 		<managed-bean-class>
 		my.pack.UserBean</managed-bean-class>
 		<managed-bean-scope>
 		session</managed-bean-scope>
 	<managed-property>
         <property-name>renderManager</property-name>
         <value>#{rmanager}</value>
     </managed-property>
 	</managed-bean>
 


thanks in advance
dim5b




andrea.biasillo

Joined: 03/Sep/2010 05:59:42
Messages: 19
Offline


hi edykory, your login example is very nice and useful.

You put the user info in the session map:

FacesContext.getCurrentInstance().getExternalContext().getSessionMap().put("userInfo", userInfo);

In this way if you login with two different browsers from the same pc, the second user will override the first.
Where Do I have to put the user info so I can login with two different users from the same pc?

Thanks Andrea.
edykory


Joined: 27/Nov/2006 00:00:00
Messages: 332
Offline


Well, actually you're a little bit wrong here. The session map you get in the FacesContext.getCurrentInstance().getExternalContext().getSessionMap() is the real "servlet" session. This is usually implemented by using a cookie or through url (the jsessionid). So if you have two different browsers (like IE and Firefox) they will never share the same session. If what you're saying is that two different browser windows are sharing the same session ... well ... that's the way it is supposed to work. If you want to have more than one user logged in during the same session ... well it's a little bit nonstandard. (Even the jaas doesn't accept something like this). But you could implement it by passing through the url (or some hidden input field) a "conversation_id" param. This could be some sort of integer which is incremented automatically and used as a key inside the real session. So the key would be this "cid" and the value would be a Map<String,Object>.

|--------------------session --------------------------------|
|--cid=1---|---cid=2----| ............................|--cid=n--|

But I repeat, this is something nonstandard, and shouldn't be normally used for users. And you'll have to manage the cleanup yourself.

Eduard Korenschi


andrea.biasillo

Joined: 03/Sep/2010 05:59:42
Messages: 19
Offline



Hi,
What I meant if ice-faces implemented a mechanism to distinguish different windows of the same browser, and store different info for different windows.

Andrea.
edykory


Joined: 27/Nov/2006 00:00:00
Messages: 332
Offline


In fact it has. It's controlled by the concurrentDomViews parameter. But it's mainly for supporting multiple conversation threads if you like ... not multiple users (if that's what you need). Servlet specification (and icefaces) have things called "isUserInRole" and other stuff like that, and these depend on one user being logged in. So if you just need to support multiple browser windows without each other stepping on their toes, then concurrentDomViews is perfect, but not for user authentication.

Secondly, if you activate concurrentDomViews and you also have asynchrounous enabled (as it is by default) you might see some "Network Connection interrupted" if you don't properly configure icepush. This is because they keep a connection open in the back, and browsers, by default, don't allow more than 2 connection per server simultaneously.

That's all,

Cheers
 
Forum Index -> General Help
Go to:   
Powered by JForum 2.1.7ice © JForum Team