Friday 22 August 2014

Custom Login in ADF Application

We have used ADF security many more time with form based Authentication and Authorization using default login.html and error.html.
Suppose if we want to design our own login.jspx page and have complete control on ADF authentication then follow these steps.

1. Create Login.jspx and update the web.xml with login.jspx.

2. In login.jspx  add two input text with name (User name and password) and one button create managed bean  and  bind the input text with managed bean use the below code on button action event.

3. Add the following 3 jars in view controller project library

/MIDDLEWARE_HOME/modulescom.bea.core.weblogic.security.auth_xxxx.jar, /MIDDLEWARE_HOME/modulescom.bea.core.weblogic.security.identity_xxxxx.jar, /WLSERVER/serverlibwls-api.zip


import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import javax.faces.event.ActionEvent;

import javax.security.auth.Subject;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import oracle.adf.view.rich.component.rich.input.RichInputText;

import weblogic.security.URLCallbackHandler;
import weblogic.security.services.Authentication;
import weblogic.servlet.security.ServletAuthentication;


    public void executeLogin(ActionEvent actionEvent) {
        FacesContext ctx = FacesContext.getCurrentInstance();
        HttpServletRequest request =
            (HttpServletRequest)ctx.getExternalContext().getRequest();
        Subject mySubject;
        try {
            mySubject = Authentication.login(new URLCallbackHandler(uid.getValue().toString(), pwd.getValue().toString()));
            ServletAuthentication.runAs(mySubject, request);
            ServletAuthentication.generateNewSessionID(request);
            String loginUrl =
                "/adfAuthentication?success_url=/faces/main.jspx";
            HttpServletResponse response =
                (HttpServletResponse)ctx.getExternalContext().getResponse();
            RequestDispatcher dispatcher =
                request.getRequestDispatcher(loginUrl);
            dispatcher.forward(request, response);
        } catch (FailedLoginException e) {
            FacesMessage msg =
                new FacesMessage(FacesMessage.SEVERITY_ERROR, "Invalid username or password",
                                 "Invalid username or password");
            ctx.addMessage(null, msg);
        } catch (Exception e) {
            System.err.println(e.getMessage());
        }
       
    }

Happy Learning :)

4 comments:

  1. How can I authenticate user, from a list of username/passwords stored in DB?

    ReplyDelete
    Replies
    1. follow this
      http://biemond.blogspot.in/2008/12/using-database-tables-as-authentication.html

      Delete
  2. nitesh,
    while creating entity object it's showing a pop-up window like the specified schema object is not an existing object. Even though i connected DB successfully.please solve this and i enabled HR schema also

    ReplyDelete
  3. Kalpana,
    Make sure you connected to right DB schema and connection.

    ReplyDelete