I tried to write a filter for it but some how it was not working for me, so I made an
alternate for it.
I did it like this in every page that I don't want the user to access without Login:
// my code
This will call the function validuser() which is in my session managed bean.
Now this is my function.
During login I already insert the user object into the session.
public void validuser()
{
FacesContext context = FacesContext.getCurrentInstance();
UserLogin ul = (UserLogin) context.getExternalContext().getSessionMap().get("userbean");
if (ul == null)
try{
context.getExternalContext().redirect("/HIBJSF/faces/LoginPage.xhtml");
context.responseComplete();
}
catch (IOException e)
{
e.printStackTrace();
}
}
If there is a session but no one had logged in, then it will take you to a redirect page.
