You will see how to do that later in
this chapter.
Simple Components
[ 94 ]
So far, we have tried to limit access to the ShowAll page to only those who were
authenticated successfully, but let's see if our solution works properly. Modify the
URL in the address bar of your browser to look like this (in your case port number
can be different):
http://localhost:8084/celebrities/showall
Press Enter, and the ShowAll page will be shown without any authentication. This
means that anyone who simply knows the name of the page can easily circumvent
our security and view the page, access to which we tried to limit. We need to use a
more reliable way to limit access to the page.
Limiting Access to a Page
To efficiently limit access to a page, we can use the onActivate method. You should
be familiar with this method from Chapter 3 where it was used to pass a value
through page activation context. The onActivate method is invoked every time
the page is loaded, and if there is some value in the activation context, it will be
passed as an argument to this method. However, another use for it might be to check
whether the user who tries to access the page was successfully authenticated.
If you remember, in the case of a successful authentication, we are storing the
User object as an ASO.
Pages:
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132