Skip to main content

An Introduction to JSF 2.2

Recently Java EE 7 specification goes into final. Next week (June 12) oracle going to release the Java EE 7 specification and Glass Fish 4 as reference implementation to general availability.

Java EE 7 adds more features like JSF 2.2, Servlet 3.1, Json Processing, websocket support, etc..
click here about the spec.

In this post i'm going walk through in JSF 2.2

JSF 2.2 is added more features, and JSF as  a main presentation layer of Java EE platform. compare to JSP, jsp is not getting more feature, they just add maintenance release.


Features of JSF 2.2

  • File Upload Component
  • Faces Flow
  • HTML5 Support
  • Cross Site Request Forgery Protection (CSRF)
  • Multi-Templating

File Upload Component


This is most awaited feature in JSF, now we can build the file upload feature in web application without any 3rd party libraries.

i am going to cover this topic in another post.

Faces Flows


Faces flows provides to create the JSF web application in modular way, each module is self contained pages , own backing beans and entry and exit points. Its make the module more reusable.

Faces flows are inspired from Spring Web Flows and Oracle Task Flows

Arun Gupta described his post about Faces Flows

HTML5 Support


HTML5 is future of the web, old JSF libraries are doesn't support HTML5 tags and attributes like placeholder attribute in input field tag, etc.
  <h:inputText   value="#{backingBean.field}"   p:placeholder="Enter text"  />

Cross Site Request Forgery Protection (CSRF)


CSRF is one kind of security attack, Its make the request on existing session.

For example i opened the Tomcat Manager web application and i logged in, now i try to open another web site in different tab, now that website try to execute the code like
http://localhost:8080/manager/html/stop?path=/app1

then browser make the request to that server (localhost:8080), browser already have session, so that server stop the application.

so we need to add CSRF protection token for every request, if token is not found or invalid then that request is not proceed further, server ignores the request

tomcat 7 uses own CSRF token
http://localhost:8080/manager/html/stop?path=/app1&org.apache.catalina.filters.CSRF_NONCE=CEF9F082EF983140038CF804CA81F29E

here tomcat 7 adds the CSRF token

now JSF 2.2 we can declaratively add the CSRF token to protecting the resources from CSRF attacks


Multi - Templating


Multi Templating is another feature to add more templates (Layout, skins), to web applications.
so we can change the template in run time like wordpress we can change the themes,
just put the theme jar file in classpath, Java platform discovered and apply the templates.


If u have any comments welcomed






Popular posts from this blog

Understanding Virtual Host Concept in Tomcat

Hi in this post we will see how to setup virtual host in Apache Tomcat server. Virtual Host is in-built feature that allows to deploy multiple website(domains) in single instance of tomcat server. The main benefit in this way is its cost effective. Scenario: I am going to deploy 3 website with following domain names in single tomcat http://www.ramki.com http://www.krishnan.com http://www.blog.ramki.com The following diagram is my outline. Outline structure of Virtual Host Concept in Tomcat Here my tomcat IP address 192.168.1.15. or any IP address allocated my ISP. but it should be public IP address. How all domain names are pointing to my Tomcat?                   When we purchase the domain name we need to update the our tomcat IP address to it. like or we can simulate same DNS Setup through hosts file in both Linux and Windows. In Linux tha file is located at /etc/hosts Now How Setup Virtual Host Concept? Before going to setup the virtual host. first tak

Virtual Host + Apache httpd server + Tomcat + mod_jk connector

In my last post ( Virtual Host in Tomcat ) we discussed about how setup the virtual host in Tomcat. Its cost effective technique because only one public IP is enough to host multiple domain. If we have big organization and each department want to host their website in locally in different machine. then how to achieve the virtual host concept?. In this post we will see the how we do this. Update :   I posted  Virtual Host + Nginx + Tomcat  Its easy to configure, compare to Apache httpd server Problem Scenario:         In big organization they have multiple department, each department want to host their website in different machine. so these websites are accessed locally with different local IP address. When we mapping to public address then we face the problem. We have two choice either purchase as many public address or Put one server front  and delegate these request.  We going to use 2nd option. we put Apache httpd web server in front of all department servers. so onl

Docker : Tomcat Clustering with Load Balancer (Tomcat and Nginx)

In this post i will show Tomcat Clustering in Docker Container. In  my previous post i discussed how to achieve tomcat clustering with Nginx Front end . Its almost same scenario, but this time we will achieve via docker container. Docker Docker  is an  open-source  project that automates the deployment of  applications  inside  software containers , by providing an additional layer of abstraction and automation of  operating-system-level virtualization  on  Linux . [4]  Docker uses resource isolation features of the Linux kernel  such as  cgroups  and kernel  namespaces  to allow independent "containers" to run within a single Linux instance, avoiding the overhead of starting and maintaining  virtual machine   --Wikipedia