[Oracle ADF Security] Form-Based Authentication Login Bean example
package adf.sample.managed.login;
import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import weblogic.security.services.Authentication;
import weblogic.servlet.security.ServletAuthentication;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import java.io.IOException;
import javax.faces.context.ExternalContext;
import weblogic.security.URLCallbackHandler;
public class LoginBean {
String _username = null;
String _password = null;
public LoginBean() {
super();
}
public void setUsername(String _username) {
this._username = _username;
}
public String getUsername() {
return _username;
}
public void setPassword(String _password) {
this._password = _password;
}
public String getPassword() {
return _password;
}
public String doLogin() {
String un = _username;
byte[] pw = _password.getBytes();
FacesContext ctx = FacesContext.getCurrentInstance();
HttpServletRequest request = (HttpServletRequest)ctx.getExternalContext().getRequest();
try {
CallbackHandler handler = new URLCallbackHandler(un, pw);
Subject mySubject = Authentication.login(handler);
ServletAuthentication.runAs(mySubject, request);
ServletAuthentication.generateNewSessionID(request);
String loginUrl = "/adfAuthentication?success_url=/faces" + ctx.getViewRoot().getViewId();
HttpServletResponse response = (HttpServletResponse)ctx.getExternalContext().getResponse();
sendForward(request, response, loginUrl);
} catch (FailedLoginException fle) {
FacesMessage msg =
new FacesMessage(FacesMessage.SEVERITY_ERROR, "Incorrect Username or Password", "An incorrect Username or Password" +
" was specified");
ctx.addMessage(null, msg);
} catch (LoginException le) {
reportUnexpectedLoginError("LoginException", le);
}
return null;
}
private void sendForward(HttpServletRequest request, HttpServletResponse response, String forwardUrl) {
FacesContext ctx = FacesContext.getCurrentInstance();
RequestDispatcher dispatcher = request.getRequestDispatcher(forwardUrl);
try {
dispatcher.forward(request, response);
} catch (ServletException se) {
reportUnexpectedLoginError("ServletException", se);
} catch (IOException ie) {
reportUnexpectedLoginError("IOException", ie);
}
ctx.responseComplete();
}
private void reportUnexpectedLoginError(String errType, Exception e) {
FacesMessage msg =
new FacesMessage(FacesMessage.SEVERITY_ERROR, "Unexpected error during login", "Unexpected error during login (" +
errType + "), please consult logs for detail");
FacesContext.getCurrentInstance().addMessage(null, msg);
e.printStackTrace();
}
public String logout() {
FacesContext ctx = FacesContext.getCurrentInstance();
ExternalContext ectx = ctx.getExternalContext();
String logoutUrl = "faces" + ctx.getViewRoot().getViewId();
((HttpServletRequest)ectx.getRequest()).getSession().invalidate();
try {
System.out.println("Logout URL: "+logoutUrl);
ectx.redirect(logoutUrl);
} catch (IOException e) {
e.printStackTrace();
}
return null;
}
}
Библиотека с доп классами Library and Classpath –> Add Library –> Weblogic 12.1 Remote Client