We have used ADF security many more time with form based Authentication and Authorization using default login.html and error.html.
Suppose if we want to design our own login.jspx page and have complete control on ADF authentication then follow these steps.
1. Create Login.jspx and update the web.xml with login.jspx.
2. In login.jspx add two input text with name (User name and password) and one button create managed bean and bind the input text with managed bean use the below code on button action event.
3. Add the following 3 jars in view controller project library
/MIDDLEWARE_HOME/modulescom.bea.core.weblogic.security.auth_xxxx.jar, /MIDDLEWARE_HOME/modulescom.bea.core.weblogic.security.identity_xxxxx.jar, /WLSERVER/serverlibwls-api.zip
import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import javax.faces.event.ActionEvent;
import javax.security.auth.Subject;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import oracle.adf.view.rich.component.rich.input.RichInputText;
import weblogic.security.URLCallbackHandler;
import weblogic.security.services.Authentication;
import weblogic.servlet.security.ServletAuthentication;
public void executeLogin(ActionEvent actionEvent) {
FacesContext ctx = FacesContext.getCurrentInstance();
HttpServletRequest request =
(HttpServletRequest)ctx.getExternalContext().getRequest();
Subject mySubject;
try {
mySubject = Authentication.login(new URLCallbackHandler(uid.getValue().toString(), pwd.getValue().toString()));
ServletAuthentication.runAs(mySubject, request);
ServletAuthentication.generateNewSessionID(request);
String loginUrl =
"/adfAuthentication?success_url=/faces/main.jspx";
HttpServletResponse response =
(HttpServletResponse)ctx.getExternalContext().getResponse();
RequestDispatcher dispatcher =
request.getRequestDispatcher(loginUrl);
dispatcher.forward(request, response);
} catch (FailedLoginException e) {
FacesMessage msg =
new FacesMessage(FacesMessage.SEVERITY_ERROR, "Invalid username or password",
"Invalid username or password");
ctx.addMessage(null, msg);
} catch (Exception e) {
System.err.println(e.getMessage());
}
}
Happy Learning :)
Suppose if we want to design our own login.jspx page and have complete control on ADF authentication then follow these steps.
1. Create Login.jspx and update the web.xml with login.jspx.
2. In login.jspx add two input text with name (User name and password) and one button create managed bean and bind the input text with managed bean use the below code on button action event.
3. Add the following 3 jars in view controller project library
/MIDDLEWARE_HOME/modulescom.bea.core.weblogic.security.auth_xxxx.jar, /MIDDLEWARE_HOME/modulescom.bea.core.weblogic.security.identity_xxxxx.jar, /WLSERVER/serverlibwls-api.zip
import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import javax.faces.event.ActionEvent;
import javax.security.auth.Subject;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import oracle.adf.view.rich.component.rich.input.RichInputText;
import weblogic.security.URLCallbackHandler;
import weblogic.security.services.Authentication;
import weblogic.servlet.security.ServletAuthentication;
public void executeLogin(ActionEvent actionEvent) {
FacesContext ctx = FacesContext.getCurrentInstance();
HttpServletRequest request =
(HttpServletRequest)ctx.getExternalContext().getRequest();
Subject mySubject;
try {
mySubject = Authentication.login(new URLCallbackHandler(uid.getValue().toString(), pwd.getValue().toString()));
ServletAuthentication.runAs(mySubject, request);
ServletAuthentication.generateNewSessionID(request);
String loginUrl =
"/adfAuthentication?success_url=/faces/main.jspx";
HttpServletResponse response =
(HttpServletResponse)ctx.getExternalContext().getResponse();
RequestDispatcher dispatcher =
request.getRequestDispatcher(loginUrl);
dispatcher.forward(request, response);
} catch (FailedLoginException e) {
FacesMessage msg =
new FacesMessage(FacesMessage.SEVERITY_ERROR, "Invalid username or password",
"Invalid username or password");
ctx.addMessage(null, msg);
} catch (Exception e) {
System.err.println(e.getMessage());
}
}
Happy Learning :)
How can I authenticate user, from a list of username/passwords stored in DB?
ReplyDeletefollow this
Deletehttp://biemond.blogspot.in/2008/12/using-database-tables-as-authentication.html
nitesh,
ReplyDeletewhile creating entity object it's showing a pop-up window like the specified schema object is not an existing object. Even though i connected DB successfully.please solve this and i enabled HR schema also
Kalpana,
ReplyDeleteMake sure you connected to right DB schema and connection.