hi,
I use CustomFormAuthenticationMechanismDefinition for my web app and I want to redirect to a different welcome page based on logged in user group. What is a recommended approach to do that?
OK a little bit more inforamtion:
My web.xml setting:
<welcome-file-list>
<welcome-file>app/index.xhtml</welcome-file>
</welcome-file-list>
I have settings for these security-constraint with recquired auth-constraint for access
/app/* is an application users area
/client/* is client path
For login action I have this code:
public void execute() throws IOException {
switch (processAuthentication()) {
case SEND_CONTINUE:
fc.responseComplete();
break;
case SEND_FAILURE:
fc.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, "Invalid Credentials", null));
break;
case SUCCESS:
if (isClientRole()) {
context.redirect(context.getRequestContextPath() + "/client/nets.xhtml");
} else {
context.redirect(context.getRequestContextPath() + "/app/index.xhtml");
}
break;
}
}
private AuthenticationStatus processAuthentication() {
return securityContext.authenticate((HttpServletRequest) context.getRequest(),
(HttpServletResponse) context.getResponse(),
AuthenticationParameters.withParams()
.credential(new UsernamePasswordCredential(username, password)));
}
SUCCESS part works as expected, but SEND_CONTINUE part is still unknown behavior like described in this question and I can’t find, how to control it.