Book Image

Mastering JavaServer Faces 2.2

By : Anghel Leonard
Book Image

Mastering JavaServer Faces 2.2

By: Anghel Leonard

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Mastering JavaServer Faces 2.2
Anghel Leonard
Jun, 2014 | 578 pages
No titles found
Table of Contents (20 chapters)
Mastering JavaServer Faces 2.2
Mastering JavaServer Faces 2.2
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Dynamic Access to JSF Application Data through Expression Language (EL 3.0)
Dynamic Access to JSF Application Data through Expression Language (EL 3.0)
EL syntax
EL immediate and deferred evaluation
EL value expressions
EL method expressions
The conditional text in JSF
Writing a custom EL resolver
EL 3.0 overview
Summary
2
Communication in JSF
Communication in JSF
Passing and getting parameters
Managed bean communication
Summary
3
JSF Scopes – Lifespan and Use in Managed Beans Communication
JSF Scopes – Lifespan and Use in Managed Beans Communication
JSF scopes versus CDI scopes
The request scope
The session scope
The view scope
The application scope
The conversation scope
The flow scope
Dependent pseudo-scope
The none scope
The custom scope
Managed bean instantiation
Beans injection
Summary
4
JSF Configurations Using XML Files and Annotations – Part 1
JSF Configurations Using XML Files and Annotations – Part 1
JSF 2.2 new namespaces
JSF 2.2 programmatic configuration
Configuring managed beans in XML
Working with multiple configuration files
Configuring locales and resource bundles
Configuring validators and converters
Configuring navigation
Configuring action listeners
Configuring system event listeners
Configuring phase listeners
Working with @ListenerFor and @ListenersFor
Summary
5
JSF Configurations Using XML Files and Annotations – Part 2
JSF Configurations Using XML Files and Annotations – Part 2
Configuring resource handlers
Configuring the view handler
Overriding JSF renders
Working with client behavior functionality
JSF factories
Combined power of multiple factories
Summary
6
Working with Tabular Data
Working with Tabular Data
Creating a simple JSF table
The CollectionDataModel class of JSF 2.2
Sorting tables
Deleting a table row
Editing/updating a table row
Adding a new row
Displaying row numbers
Selecting a single row
Selecting multiple rows
Nesting tables
Paginating tables
Generating tables with the JSF API
Filtering tables
Styling tables
Summary
7
JSF and AJAX
JSF and AJAX
A brief overview of the JSF-AJAX lifecycle
A simple JSF-AJAX example to get started
The JSF-AJAX attributes
Grouping components under <f:ajax> tag
Updating input fields with AJAX after validation error
Mixing AJAX and flow scope
Postback and AJAX
Is it a non-AJAX request?
AJAX and <f:param>
Queue control for AJAX requests
Explicit loading of jsf.js
AJAX and the progress bar/indicator
Summary
8
JSF 2.2 – HTML5 and Upload
JSF 2.2 – HTML5 and Upload
Working with HTML5 and JSF 2.2
JSF 2.2 upload feature
Summary
9
JSF State Management
JSF State Management
JSF saving the view state
JSF 2.2 is stateless
JSF security notes
Summary
10
JSF Custom Components
JSF Custom Components
Building noncomposite custom components
Building composite components
Summary
11
JSF 2.2 Resource Library Contracts – Themes
JSF 2.2 Resource Library Contracts – Themes
Working with contracts
Styling tables with contracts
Styling UI components with contracts
Styling contracts across different devices
Writing contracts for composite components
Writing a theme switcher
Configuring contracts in XML
Packaging contracts in JARs
Summary
12
Facelets Templating
Facelets Templating
A brief overview of the Facelets tags
Creating a simple template – PageLayout
Passing parameters via <ui:param>
Passing bean properties and action methods via <ui:param>
Exploiting the <ui:decorate> and <ui:fragment> tags
Iterating with <ui:repeat>
Working with <ui:include> and <f:viewParam>
Working with <ui:include> and <ui:param>
Debugging with <ui:debug>
Removing the content with <ui:remove>
Using the jsfc attribute
Extending the PageLayout template
Facelets' programmatic aspects
Facelets pitfalls
Summary
The JSF Life Cycle
The JSF Life Cycle
Index
Index

JSF security notes

Dissertations about JSF saving state also imply some aspects regarding JSF security. It appears that saving the JSF state on the client is less secure than saving the JSF state on the server. For the most common security concerns (for example, XSS, CSRF, SQL injection, and phishing), JSF provides implicit protection.

Cross-site request forgery (CSRF)

CSRF and phishing attacks can be prevented by saving state on the server. JSF 2.0 comes with implicit protection against CSRF attacks based on the value of the javax.faces.ViewState hidden field. Starting with JSF 2.2, this protection was seriously fortified by creating a powerful and robust value for this field.

Cross-site scripting (XSS)

XSS attacks are implicitly prevented by JSF through the escape attribute, which is set to true by default (<h:outputText/>, <h:outputLabel/>). The following are the examples:

<p>Hi, <h:outputText value="#{loginbean.name}" /></p>
<p>Hi, #{loginbean.name}&lt...
Previous Section
End of Section 4
Next Section