State after login with JSF

I am new to JSF and want to create the login part of an app. I have a login page where I validate logins against a database. That is fine, but I can not figure out the logic in the following part. A legal user should be redirected to her own profile page and non legal users to a common error page. How do I "transport" the identity from the login to the profile page. All the info I need for a profile page i can get from the database so I kind of want to transport a bean from the login to create a user dependent view. I have looked at tutorials online but could not find examples except for the even simpler example where there is no use of user identity and eg.password and username is simply matched against hard coded values. I think there is some underly开发者_高级运维ing "idea" I don't get because this should ne simple, right ?

Put it in a session scoped managed bean. Here's a basic kickoff example:

@ManagedBean
@SessionScoped
public class ActiveUser {

    private User user = new User();

    @EJB
    private UserService userService;

    public String login() {
        User found = userService.find(user);

        if (found == null) {
            setGlobalMessage("Invalid login, try again");
            return null;
        } else {
            user = found;
            return "userprofile";
        }
    }

    public void isLoggedIn() {
        return user.getId() != null;
    }

    // ...
}

You can intercept on its presence in a filter.

See also

• Prevent accessing restricted page without login in Jsf2
• Is there any easy way to preprocess and redirect GET requests?