JavaServer Faces Custom Component
JavaServer Faces Custom Component
HTML form that requires a customer to enter an identifier and password. This form is rendered
by a JavaServer Faces custom component. A custom tag represents the component on the page.
In the following piece of logon.jsp, the <db:formBasedLogin> tag represents the custom
component:
<f:view>
...
<h:outputText value=
"#{bundle.Logon}"/>
<h:outputText value=
"#{bundle.Submit}"/>.</h3>
<br><br>
<db:formBasedLogin
/>
</f:view>
Note that there is no h:form tag. This is because the custom component renders the form tag
along with the complete HTML form that customers use to log in:
<form action=
"j_security_check" method=post>
<table>
<tr>
<td align=
"center" >
<table border=
"0">
<tr>
<td><b><fmt:message key=
"CustomerId"/></b></td>
<td>
<input type=
"text" size="15" name="j_username">
</td>
</tr>
<tr>
<td><b><fmt:message key=
"Password"/></b></td>
<td>
<input type=
"password" size="15" name="j_password">
</td>
...
</form>
Note that the action invoked by the form, j_security_check, is specified by the Java Servlet
specification, as are the request parameters j_username and j_password. The web container
retrieves this information, maps it to a security role, and verifies that the role matches that
specified in the security constraint. In order for the web container to check the validity of the
authentication information and perform the mapping, you must perform these two steps when
you deploy the application:
1. Add the customer's group, ID, and password to the default realm of the container using the
Admin Console.
2. Map the bankCustomer role to the customer or the customer's group in the deployment
descriptor.
Web Client
The Java EE 5 Tutorial · September 2007
1074
