JSF Under the Hood—Part 3 - JSF and HTML5

HTML and CSS Reference

In-Depth Information

As shown in Listing 4-16, PhaseListener interface has the following methods:

•

getPhaseId(): This method returns the identifier of the request processing phase, during

which this listener is interested in processing PhaseEvent events. Legal values are the

singleton instances defined by the PhaseId class, including PhaseId.ANY_PHASE to indicate an

interest in being notified for all standard phases.

beforePhase(): This method will be executed when the processing for a particular phase of

the request processing lifecycle is about to begin.

•

afterPhase(): This method will be executed when the processing for a particular phase has

just been completed.

Phase listeners can be useful for debugging the execution of the different JSF life cycle phases. It can also be used

for authorizing JSF application pages. Let's see an example to see how phase listeners can be used for authorizing

JSF pages. Let's get back to the first application example in Chapter 2. One of the missing functionalities in that

application is that the user can open directly the welcome application without having to pass through the login page.

In order to secure the welcome page (or maybe other pages) in the application, we can create a phase listener for this.

One thing that we need to modify in the application is to set a session flag to indicate that the user is authenticated by

entering a non-empty username and password in the login page. Listing 4-17 shows the updated User managed bean.

•

Listing 4-17. Updated User Managed Bean

public class User implements Serializable {

private String name;

private String password;

private Profession profession;

private List<String> favoriteSports;

private Map<String, String> spokenLanguages;

...

public String login() {

FacesContext context = FacesContext.getCurrentInstance();

HttpSession session = (HttpSession) context.getExternalContext().getSession(true);

// User passes through the login page and clicks the "login" button.

session.setAttribute("isAuthenticated", true);

return "welcome";

}

...

}

As shown in the previous code listing, a session attribute "isAuthenticated" is added for marking the user as

authenticated in the login() method (any entered non-empty username and password are accepted in the example).

Listing 4-18 shows AuthorizationListener phase listener code.

Search WWH ::

Custom Search

Home