I'm just starting down the track of developing web apps and have started with JSF 2.2 on Java EE 7, GlassFish 4.
I thought I'd start with the very basics. I just want to protect the entire site, so every page you navigate to would first require you to authenticate yourself. So I read through the Java EE 7 Tutorial and tried the samples, modified them and then started to break them in ways I didn't think they would break. I tried all sorts of angles, but I'd generally end up in two situations:
- I'd try to access a page using a partial request, which would land me at
/index.xhtmlas defined by<welcome-file-list>, and be prompted to login; but on submitting the username/password I'd be instantly directed back to the login form. - I added an action to the
<h:commandButton>to point toindex. This worked, but when I submitted the form on the index page which should take me to theresponse.xhtmlpage, I'd end up back at the login form instead of at the response page.
After many hours of trawling the net, it seemed that the reason I had broken the login procedure was because I had changed the plain HTML login form to use JSF tags like <h:form>, instead of <form>.
There is a discussion here that says you should not do this with login forms. To quote an interesting line from that page:
To make such a page login, make the actual login form be HTML and not JSF and code it according to the j2EE standards for login forms. Use the HTML form tag instead of the JSF form, and make sure you code an HTML SUBMIT button and not a JSF commandButton!
Once I changed it back to plain old HTML it worked. But I don't understand why. Can anyone enlighten me?! I think I am missing something fundamental which I need to understand if I'm going to start writing web apps in JSF.
Many thanks...