JSF 2.2 comes in conjunction with EL 3.0. This version of the expression language offers a rarely known highlight: It is capable of using lambda expressions and streams. Even thought defined withing the Jave EE 7 spec (and not Java 8), you can still use these cool features! Continue reading “Using Lambda expressions with JSF 2.2”
Ok, we secured our JSF web application by using a JSF form. The user information is still stored in a flat text file. But as stated before, your application server provides more. This lesson, we move forward to GlassFish’s JDBCRealm, which allows you to store the user information within the database. Continue reading “Tutorial web development (with JSF) XV â€“ Security with JDBCRealm”
Within a web application, you often need a state to create a session lifecycle. You may create a CDI named been with session scope, to keep track of some user data. Suppose, you have a JSF application. Assigned to your pages you might use named beans with request scope. If you need some session-wide info, you can use CDI:
@inject SessionBean mySessionBean
I moved an application which ran without known problems on GlassFish 3 to GlassFish 4. Everything worked fine, as long as I tested the app for myself. But using this app concurrent with other users, sometimes the app showed me a session timeout, could not restore a conversation or, in one case, showed me data of a concurrent user. It seemed, a SessionBean object of a different user had been injected to the request bean assigned to my request. Continue reading “CDI issue using GlassFish 4”
Now, after we’ve addressed basic log-in with simple file realm, I want to move on by exchanging the authentication method. Remember, this tutorial is about web development with JavaServer Faces. All I showed for container based security so far, is technology entirely independent from JSF. Same applies to simple form log-in. But, it’s possible to embed this into some JSF techniques. And, further on, using programmatic log-in, this is done by the use of JSF. Continue reading “Tutorial web development (with JSF) XIV â€“ Security Part III”
In this part of the security trail, we start with Basic Authentication and fileRealm. For some basic background information, please refer to the former part.
To secure the TinyCalutor, we need to add a security constraint to web.xml. Continue reading “Tutorial web development (with JSF) XIII â€“ Security Part II”