[jboss-user] [JBoss Seam] - Handling Expired Password Best Practice

djeverson do-not-reply at jboss.com
Fri Apr 20 17:53:07 EDT 2007


Hi, 

Our environment JBoss 4.0.5, Seam 1.2.1, Facelets

As part of our login use case, we have a requirement that the user's password must be changed within a defined period.

We attempted to implement this functionality by throwing an Exception in the Authenticator class:


  | if (user.isPasswordChangeRequired()) {
  |   throw new ExpiredPasswordException("User must change password");
  | }
  | 

In pages.xml, we added the following:


  | <exception class="us.crimnet.exceptions.ExpiredPasswordException">
  |     <redirect view-id="/change_password.xhtml"/>          
  | </exception>
  | 

When we test this, the exception is thrown.  However, the user is not redirected to the change_password.xhtml page.  Rather, they just remain on the log page with a message saying that the log in failed. 

How have others implemented similar use cases?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4039440#4039440

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4039440



More information about the jboss-user mailing list