-1
I have a question I would like to know how to block any kind of transition of pages via URL regardless of whether the user is logged in or not, for example if I am on the home page.xhtml can only go to another page if you click the button referring to it, pq currently if I am at home.xhtml and in the URL I put for example general.xhtml it goes to general page and would like to prevent this, if anyone can help I am grateful.
0
I think the good thing would be to use JAAS to handle both authentication and access authorization or Spring Security or Apache Shiro and set up ROLES and user groups.
But if the control is simple you could create a JSF Phaselistener where you can intercept the life cycle phases, an example is the view restore phase(Phaseid.RESTORE_VIEW), could create a logic so that when the resource that is accessed is being performed by a user who is not logged in to the system or who does not have due permission to access the page could redirect it to the login page (if it is not authenticated) or if it is already browsing but should not have access to the feature could display a friendly message. Below I added a link has an example of a very simple control, which from it I believe can adapt to your model, improve and use it if you do not opt for a more rigorozo control with the technologies I mentioned above.
Browser other questions tagged java jsf
You are not signed in. Login or sign up in order to post.