Possibilities to integrate a simple login for a landing page?

Question

I have coded a landing page with a backend. Therefore I can get the name and the email address of my customer and I can display it in the backend and export it as excel.

However, I want to "secure" this site. Hence, I need a quick solution to create a login for my site to make the site "secure" the site.(quick -> because I also work at the production system and launching is coming soon) This should also include the redirect to my landing page. By "secure" I mean it does not have to be fort knox, but a simple lock should be OK.

Therefore, my question is:

What are simple and fast to implement login solutions in jsf, primefaces 3.5 and java to redirect to my landing Page Admin Panel?

I really appreciate your answer!!!

Custom filter plus some form-based authentication is the simplest one. Apache Shiro and Spring Security are two well-known separate third party solutions. Otherwise the question is really too broad and too subjective in many terms. — skuntsel, Apr 25 '13 at 05:55
By the way, why so many irrelevant tags? A hint on technologies used and preferred IDE? The most relevant tag would be IMO Java EE. — skuntsel, Apr 25 '13 at 06:12
You can try: http://stackoverflow.com/questions/15648328/login-with-ldap-using-jsf-2-1-apache-tomcat/15652173#15652173 — Rong Nguyen, Apr 25 '13 at 06:50

score 1 · Answer 1 · answered Apr 25 '13 at 06:07

I think that the most simpliest will be to use basic-form authentication. More info can be found here http://docs.oracle.com/cd/E19798-01/821-1841/bncby/index.html.

Add this to web.xml

<security-constraint>
    <display-name>Admin area</display-name>
    <web-resource-collection>
        <web-resource-name>Admin area</web-resource-name>
        <description>Admin area</description>
        <url-pattern>/admin/*</url-pattern>
        <url-pattern>/login</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <description/>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
        <form-login-page>/login.xhtml</form-login-page>
        <form-error-page>/login.xhtml</form-error-page>
    </form-login-config>
</login-config>
<security-role>
    <description/>
    <role-name>admin</role-name>
</security-role>

Create login page

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:h="http://java.sun.com/jsf/html"
      xmlns:f="http://java.sun.com/jsf/core"
      xmlns:ui="http://java.sun.com/jsf/facelets"
      xmlns:p="http://primefaces.org/ui">

    <h:head>
    </h:head>
    <h:body>
        <form method="POST" action="j_security_check" class="content-container admin-container">
            <table>
                <tr>
                    <td>Login:</td>
                    <td><input type="text" name="j_username" /></td>
                </tr>
                <tr>
                    <td>Password: </td>
                    <td><input type="password" name="j_password" /></td>
                </tr>
                <tr>
                    <td><input value="Login" /></td>
                </tr>
            </table>
        </form>
    </h:body>
</html>

In web.xml you define which pages needs authentication. In my example two sites `admin/*`, `login`needs it. If user enters those pages and they aren't authenticateed JSF will redirect them to login page. — pepuch, Apr 25 '13 at 10:39
thx for your answer! btw where do you define your password and username, I also did not found it on the oracle page... — maximus, Apr 25 '13 at 10:41
My app uses tomcat so I defined it in tomcat-users.xml file. All you need to do is to add `` and `` if you want to create admin authentication. It was all what my app needed. It's simple authentication method and I don't know if it is possible to add possibility for registartion. — pepuch, Apr 25 '13 at 10:44

Possibilities to integrate a simple login for a landing page?

1 Answers1