Transferring from http to https in Glassfish 3.1.1

1
votes

I'm using Glassfish 3.1.1 and JSF 2.0:

I have the following code:

public String doLoginOrCC() {

    HttpServletRequest request = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();

    this.flightNumber = request.getParameter("flightNumber");

    if (request.getRemoteUser() == null) {
        return "login.xhtml";
    } else {
        return "https://" + request.getLocalAddr() + ":8181" + request.getContextPath() + "/bookSeat.xhtml";
    }

}

If user is not logged in then go to login.xhtml.

If user is logged in then go to https://localhost:8181/APP/bookSeat.xhtml

    Unable to find matching navigation case with from-view-id '/flightInfo.xhtml' for action '#{bookSeatController.doLoginOrCC}' with outcome 'https://127.0.0.1:8181/PlaneTicketProgram5-war/bookSeat.xhtml'

Do I have to add a Navigation Rule in my faces-config.xml file.

If so how would I write the Navigation Rule?

1
jsfjsf-2glassfish-3

1 Answers

0
votes

You cannot change the HTTP scheme by a navigation case. A navigation case does basically a forward. You need to send a HTTP redirect instead. You can use ExternalContext#redirect() for this.

ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
externalContext.redirect("https://" + request.getLocalAddr() + ":8181" + request.getContextPath() + "/bookSeat.xhtml");

You only need to add a throws IOException to the bean action method.

Unrelated to the concrete problem, why aren't you logging in over HTTPS? Your problem suggests that you're logging in over HTTP which thus sends the username/password unencrypted over network. Also, grabbing the raw Servlet API from under the JSF covers should be avoided as much as possible. You can grab HTTP request parameters by ExternalContext#getRequestParameterMap() or, better, by @ManagedProperty or <f:viewParam>. You can get the remote user by ExternalContext#getRemoteUser().