JSF Showcase - Liferay Faces

Button/Link

Data

h:dataTable

Input

Miscellaneous

Multimedia

h:graphicImage

Output

Panel

Select

Portlet

JSTL

Faces Core

Facelets

Extensions

FacesContextHelperUtil

h:inputSecret

HtmlInputSecret is a UIInput component that renders an <input> element with type=password.

Redisplay Usage

The redisplay attribute indicates whether or not the value attribute is rendered to the response. For example, if redisplay is true then the component would be rendered like the following:

<input type="secret" value="myPlainTextPassword" />

Since this is a potential security risk, the default value of the redisplay attribute is false. However, this has the side-effect of the user having to re-enter a value when validation fails. In order to provide a better user experience, avoid using render=@form to update the DOM.

Source Code

<ui:composition xmlns="http://www.w3.org/1999/xhtml"
	xmlns:f="http://xmlns.jcp.org/jsf/core"  xmlns:h="http://xmlns.jcp.org/jsf/html"
	xmlns:ui="http://xmlns.jcp.org/jsf/facelets">

	<!-- Example 1: Specifying redisplay=false (the default, which is secure) -->
	<h:form>
		<h:messages id="globalMessages" globalOnly="true" layout="table" />
		<h:inputSecret id="secret" value="#{inputSecretModelBean.password}" />
		<h:message id="messageSecret1" for="secret" />
		<hr />
		<h:commandButton action="#{inputSecretBackingBean.submit1}" value="#{i18n['submit']}">
			<f:ajax execute="@form" render="modelValue messageSecret1 globalMessages" />
		</h:commandButton>
		<h:outputText id="modelValue" value="#{inputSecretModelBean.password}" />
	</h:form>

	<!-- Example 2: Specifying redisplay=true (potential security risk) -->
	<h:form>
		<h:messages globalOnly="true" layout="table" />
		<h:inputSecret id="secret" redisplay="true" value="#{inputSecretModelBean.password}" />
		<h:message id="myMessage" for="secret" />
		<hr />
		<h:commandButton action="#{inputSecretBackingBean.submit2}"	value="#{i18n['submit']}">
			<f:ajax execute="@form" render="@form" />
		</h:commandButton>
		<h:outputText id="modelValue" value="#{inputSecretModelBean.password}" />
	</h:form>

</ui:composition>

@ManagedBean
@RequestScoped
public class InputSecretModelBean {

	private Date date = new GregorianCalendar().getTime();
	private String password;

	public Date getDate() {
		return date;
	}

	public String getPassword() {
		return password;
	}

	public void setDate(Date date) {
		this.date = date;
	}

	public void setPassword(String password) {
		this.password = password;
	}
}

@ManagedBean
@RequestScoped
public class InputSecretBackingBean {

	private static final Logger logger = LoggerFactory.getLogger(InputSecretBackingBean.class);

	@ManagedProperty(value = "#{inputSecretModelBean}")
	private InputSecretModelBean inputSecretModelBean;

	public void emailAddressValidator(FacesContext facesContext, UIComponent uiComponent, Object value)
		throws ValidatorException {

		if (value != null) {

			if (!value.toString().matches(".+[@].+[.].+")) {
				FacesMessage facesMessage = new FacesMessage();
				facesMessage.setSeverity(FacesMessage.SEVERITY_ERROR);
				throw new ValidatorException(facesMessage);
			}
		}
	}

	public void setInputSecretModelBean(InputSecretModelBean inputSecretModelBean) {
		this.inputSecretModelBean = inputSecretModelBean;
	}

	public void submit() {
		Object value = inputSecretModelBean.getPassword();

		if (value == null) {
			value = inputSecretModelBean.getDate();
		}

		logger.info("You entered: " + value);
	}

	public void submit1() {
		addGlobalInfoMessage("The alloy:inputSecret component was intentionally not re-rendered in the DOM.");
		submit();
	}

	public void submit2() {
		addGlobalInfoMessage("The entire form (including the alloy:inputSecret component) was re-rendered in the DOM.");
		submit();
	}

	public void valueChangeListener(ValueChangeEvent valueChangeEvent) {

		FacesContext facesContext = FacesContext.getCurrentInstance();
		PhaseId phaseId = facesContext.getCurrentPhaseId();
		logger.debug("valueChangeListener: phaseId=[{0}]", phaseId.toString());

		String phaseName = phaseId.toString();
		FacesMessage facesMessage = new FacesMessage("The valueChangeListener method was called during the " +
				phaseName + " phase of the JSF lifecycle.");
		facesContext.addMessage(null, facesMessage);
	}

	protected void addGlobalInfoMessage(String summary) {

		FacesContext facesContext = FacesContext.getCurrentInstance();
		FacesMessage facesMessage = new FacesMessage();
		facesMessage.setSeverity(FacesMessage.SEVERITY_INFO);
		facesMessage.setSummary(summary);
		facesContext.addMessage(null, facesMessage);
	}
}

Liferay Faces Bridge Implementation 5.0.0 + Showcase Common 3.1.1 + Liferay Faces Util 3.4.1 + Mojarra 2.2.20