I'm trying to do a 'login with facebook' button, which works ok, but I would like to redirect to another page with the user data filled in a form.
SocialFacebook Controller
public void login(){
try {
//Create an instance of SocialAuthConfig object
SocialAuthConfig config = SocialAuthConfig.getDefault();
//load configuration. By default load the configuration from oauth_consumer.properties.
//You can also pass input stream, properties object or properties file name.
config.load();
//Create an instance of SocialAuthManager and set config
SocialAuthManager manager = new SocialAuthManager();
manager.setSocialAuthConfig(config);
//URL of YOUR application which will be called after authentication
String successUrl = "http://localhost:8080/cc/pages/system/register.xhtml";
// get Provider URL to which you should redirect for authentication.
// id can have values "facebook", "twitter", "yahoo" etc. or the OpenID URL
String url = manager.getAuthenticationUrl("facebook", successUrl);
// Store in session
HttpSession session = (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(false);
session.setAttribute("authManager", manager);
//after check out in facebook, redirect to the proper page
logged();
//redirect to the successful login page
FacesContext.getCurrentInstance().getExternalContext().redirect(url);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
So when the user hit the button, 'log in with facebook' in my index.xhtml:
<h:body>
<h:form id="login-facebook">
<h:commandButton id="login" action="#{socialFacebook.login}" value="Login"/>
</h:form>
</h:body>
It redirects to register.xhtml page with the URL like this:
http://localhost:8080/cc/pages/system/register.xhtml?code=AQC_3oCPjlyvZ51dpzxVdBNS1JfgwwZluBSduU7FG01esgVQT6Qxq8gWYRUsGz64aXDvXB1195m0CHZGmdvsmjLxtmbuUSSSqH7i49pcb6g9Begt4Yol1rqWFQGGGGGGGGGGGJ9mlWiEq4Aknlh1J2su2a9l0GzyLB21J4BgNgfBw3DUtwn-RkT00E7BsFpISiXKE7EVsT5NgxPBtOWIUY#_=_
The thing is now, I would like to get this code in my bean and do the checking and fill the form in register.xhtml
So I create this method at the same bean :
private void logged(){
FacesContext facesContext = FacesContext.getCurrentInstance();
HttpSession session = (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(false);
SocialAuthManager manager = (SocialAuthManager) session.getAttribute("authManager");
try {
// get the auth provider manager from session
if (manager != null){
// call connect method of manager which returns the provider object.
// Pass request parameter map while calling connect method.
HttpServletRequest request = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
Map<String, String> paramsMap = SocialAuthUtil.getRequestParametersMap(request);
AuthProvider provider = manager.connect(paramsMap);
// get profile
Profile p = provider.getUserProfile();
session.setAttribute("profile", p);
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
But it I'm not able to get the parameter code from my request.
How can I get this code, do the checking and fill the form after that ?
**
EDIT
SocialFacebook.java
package jpa.control;
// imports..
#ManagedBean(name="socialFacebook")
#RequestScoped
public class SocialFacebook implements Serializable{
private static final long serialVersionUID = -4787254243136316495L;
#ManagedProperty("#{param.code}")
private String code;
public void login(){
try {
//Create an instance of SocialAuthConfig object
SocialAuthConfig config = SocialAuthConfig.getDefault();
//load configuration. By default load the configuration from oauth_consumer.properties.
//You can also pass input stream, properties object or properties file name.
config.load();
//Create an instance of SocialAuthManager and set config
SocialAuthManager manager = new SocialAuthManager();
manager.setSocialAuthConfig(config);
//URL of YOUR application which will be called after authentication
String successUrl = "http://localhost:8080/cc/pages/system/register.xhtml";
// get Provider URL to which you should redirect for authentication.
// id can have values "facebook", "twitter", "yahoo" etc. or the OpenID URL
String url = manager.getAuthenticationUrl("facebook", successUrl);
// Store in session
HttpSession session = (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(false);
session.setAttribute("authManager", manager);
//after check out in facebook, redirect to the proper page
logged();
//redirect to the successful login page
FacesContext.getCurrentInstance().getExternalContext().redirect(url);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
private void logged(){
FacesContext facesContext = FacesContext.getCurrentInstance();
HttpSession session = (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(false);
SocialAuthManager manager = (SocialAuthManager) session.getAttribute("authManager");
System.out.println("*******************************");
System.out.println(code); // keeps return NULL everytime
System.out.println("*******************************");
try {
// get the auth provider manager from session
if (manager != null){
// call connect method of manager which returns the provider object.
// Pass request parameter map while calling connect method.
HttpServletRequest request = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
Map<String, String> paramsMap = SocialAuthUtil.getRequestParametersMap(request);
AuthProvider provider = manager.connect(paramsMap);
// get profile
Profile p = provider.getUserProfile();
session.setAttribute("profile", p);
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
// Get's and Set's
public String getCode() {
return code;
}
public void setCode(String code) {
this.code = code;
}
}
I solve my problem creating a webfilter which gets the request and responde then I could fill the user date in my url and get then in my form page:
#WebFilter("/facebook/*")
public class LoginFilter implements Filter {
#EJB UserEAO userEAO;
#Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws ServletException, IOException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
HttpSession session = request.getSession();
FacesContext facesContext = FacesContext.getCurrentInstance();
try {
SocialAuthManager manager = (SocialAuthManager) session.getAttribute("authManager");
Map<String, String> paramsMap = SocialAuthUtil.getRequestParametersMap(request);
AuthProvider provider = manager.connect(paramsMap);
// get profile
Profile p = provider.getUserProfile();
if (userEAO.find(p.getEmail()) == null){
response.sendRedirect
(
request.getContextPath() +
"/pages/system/register.xhtml?" +
"firstName=" + p.getFirstName()
);
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
This is my register page:
<ui:composition template="/resources/jsf/include/default.xhtml">
<ui:define name="title">
</ui:define>
<ui:define name="header">
</ui:define>
<ui:define name="content">
<h:form id="register_form">
<f:metadata>
<f:viewParam name="firstName" value="#{userc.userb.user.firstName}" />
</f:metadata>
Name: <h:message id="m_name" for="name" styleClass="red" />
<h:inputText id="name" value="#{userc.userb.user.firstName}">
<f:validateLength minimum="1" maximum="20" />
<f:ajax event="blur" render="m_name" />
</h:inputText>
Related
My user signs into my app using Amazon Cognito using this plugin.
I also have a spring boot application ui, secured by cognito as well.
At some point in my app flow, i want to show a webview of the spring boot application to let the user configure additional stuff.
How do i do it without having the user sign in again?
Would it be bad practice if i created an endpoint called /login/{username}/{password} that uses the SecurityContextHolder to sign the user in and redirect to /home?
I finally got it working.
First i logged in, and made my code stop somewhere using the debugger, so i could look up the SecurityContextHolder.getContext().getAuthentication(). My Authentication object is of type OAuth2AuthenticationToken. I took a close look at it, and decided to replicate it.
I did so inside a custom AuthenticationManager, and returned my OAuth2AuthenticationToken in the overriden authenticate method.
CustomAuthenticationManager.java
#Component
public class CustomAuthenticationManager implements AuthenticationManager {
#Bean
protected PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
#Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String token = ((Jwt)authentication.getPrincipal()).getTokenValue();
if (token == null)
throw new BadCredentialsException("Invalid token");
return convertAccessToken(token);
}
public OAuth2AuthenticationToken convertAccessToken(String accessToken){
Jwt decode = Tools.parseToken(accessToken);
List<GrantedAuthority> authorities = new ArrayList<>();
for (String s : ((String[]) decode.getClaims().get("cognito:groups"))) {
authorities.add(new SimpleGrantedAuthority("ROLE_" + s));
}
Map<String, Object> claims = decode.getClaims();
OidcIdToken oidcIdToken = new OidcIdToken(decode.getTokenValue(), decode.getIssuedAt(), decode.getExpiresAt(), claims);
DefaultOidcUser user = new DefaultOidcUser(authorities, oidcIdToken, "email");
return new OAuth2AuthenticationToken(user, authorities, "cognito");
}
}
Also i put this in a static Tools.java
public static Jwt parseToken(String accessToken) {
DecodedJWT decode = com.auth0.jwt.JWT.decode(accessToken);
HashMap<String, Object> headers = new HashMap<>();
headers.put("alg", decode.getHeaderClaim("alg").asString());
headers.put("kid", decode.getHeaderClaim("kid").asString());
HashMap<String, Object> claims = new HashMap<>();
decode.getClaims().forEach((k, v) -> {
switch(k){
case "cognito:roles":
case "cognito:groups":
claims.put(k, v.asArray(String.class));
break;
case "auth_time":
case "exp":
case "iat":
claims.put(k, v.asLong());
break;
default:
claims.put(k, v.asString());
break;
}
});
return new Jwt(accessToken, decode.getIssuedAt().toInstant(), decode.getExpiresAt().toInstant(), headers, claims);
}
Then i created two endpoints. One that is my "login page", and one that my filter goes to. So in my login page i take in an access token, store it in the sesion, then redirect to my other endpoint that pasess through the filter.
TokenLoginController.java
#Component
#RestController
public class TokenLoginController {
#GetMapping(value="/login/token/{token}")
#PermitAll
public void setSession(#PathVariable("token") String token, HttpSession session, HttpServletResponse response) throws IOException {
session.setAttribute("access_token", token);
response.sendRedirect("/login/token");
}
#GetMapping(value="/login/token")
#PermitAll
public void setSession() {
}
}
The filter extends AbstractAuthenticationProcessingFilter and looks up the access token from the session, creates the OAuth2AuthenticationToken, and authenticates with it.
StickyAuthenticationFilter.java
public class StickyAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
public StickyAuthenticationFilter(String defaultFilterProcessesUrl, AuthenticationManager authenticationManager) {
super(defaultFilterProcessesUrl);
setAuthenticationManager(authenticationManager);
}
#Override
public Authentication attemptAuthentication(HttpServletRequest servletRequest, HttpServletResponse servletResponse) throws AuthenticationException, IOException, ServletException {
String access_token = (String)servletRequest.getSession().getAttribute("access_token");
if (access_token != null) {
JwtAuthenticationToken authRequest = new JwtAuthenticationToken(Tools.parseToken(access_token));
return getAuthenticationManager().authenticate(authRequest);
}
throw new RuntimeException("Invalid access token");
}
}
And finally, my SecurityConfig ties it all together like this:
#EnableWebSecurity
#Configuration
#EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends VaadinWebSecurity {
private final ClientRegistrationRepository clientRegistrationRepository;
public SecurityConfig(ClientRegistrationRepository clientRegistrationRepository) {
this.clientRegistrationRepository = clientRegistrationRepository;
}
#Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().antMatchers("/login/token/*", "/login/token").permitAll().and()
.addFilterBefore(new StickyAuthenticationFilter("/login/token", new CustomAuthenticationManager()), BearerTokenAuthenticationFilter.class)
.oauth2ResourceServer(oauth2 -> oauth2.jwt())
.authorizeRequests()
.antMatchers("/user/**")
.authenticated();
super.configure(http);
setOAuth2LoginPage(http, "/oauth2/authorization/cognito");
http.oauth2Login(l -> l.userInfoEndpoint().userAuthoritiesMapper(userAuthoritiesMapper()));
}
#Override
public void configure(WebSecurity web) throws Exception {
// Customize your WebSecurity configuration.
super.configure(web);
}
#Bean
public GrantedAuthoritiesMapper userAuthoritiesMapper() {
return (authorities) -> {
Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
Optional<OidcUserAuthority> awsAuthority = (Optional<OidcUserAuthority>) authorities.stream()
.filter(grantedAuthority -> "ROLE_USER".equals(grantedAuthority.getAuthority()))
.findFirst();
if (awsAuthority.isPresent()) {
if (awsAuthority.get().getAttributes().get("cognito:groups") != null) {
mappedAuthorities = ((JSONArray) awsAuthority.get().getAttributes().get("cognito:groups")).stream()
.map(role -> new SimpleGrantedAuthority("ROLE_" + role))
.collect(Collectors.toSet());
}
}
return mappedAuthorities;
};
}
}
I wanted to send "nick" field from client to register new username with ejabberd in band registration. but Server is sending only username, password and instructions fields back to client to fill. I have checked below mod_register to modify these fields but none provide is available.
https://docs.ejabberd.im/admin/configuration/#mod-register
2018-05-29 23:01:08.426 [debug] <0.4613.3>#xmpp_socket:send:218 (tls|<0.4613.3>) Send XML on stream = <<"
<iq xml:lang='en' from='xmpp.test.in' type='result' id='mCbQBXKp-Sd4'>
<query xmlns='jabber:iq:register'>
<username/>
<password/>
<instructions>Choose a username and password to register with this server</instructions>
</query>
</iq>">>
Can any help me how to get nick included in registration itself?
If you are using Smack client for Android you can send additional attributes in createAccount method like:
public void signup(String user, String password, String nickname) throws SmackInvocationException {
connect();
Map<String, String> attributes = new HashMap<String, String>();
attributes.put("name", nickname);
try {
AccountManager.getInstance(con).createAccount(user, password, attributes);
} catch (Exception e) {
throw new SmackInvocationException(e);
}
}
Another approach is to use Vcard with VcardManager and set nickname in smack like (after login or signup):
private Context context;
private XMPPConnection con;
public SmackVCardHelper(Context context, XMPPConnection con) {
this.context = context;
this.con = con;
}
public void save(String nickname) throws SmackInvocationException {
VCard vCard = VCardManager.getInstanceFor(connection).loadVCard();
try {
vCard.setNickName(nickname);
vCard.saveVCard(vcard);
} catch (Exception e) {
throw new SmackInvocationException(e);
}
}
i will have few multipart forms in jsp and have to process them using servlet. All work fine with the first form, but if i try to add switch in servlet's doPost method, it stops to recognize fields value: userName cannot be null.
jsp form:
<form action="ServletMultipartForm" method="post" name="Form" enctype="multipart/form-data">
<br>
<label>NAME</label><br>
<input type="text" name="instrName">
<label>IMAGE</label><br>
<input type="file" name="instrImage">
<input type="submit" value="Submit Instructor" name="action">
</form>
ServletMultipartForm.java
#MultipartConfig
public class ServletMultipartForm extends HttpServlet {
private final String UPLOAD_DIRECTORY = "F:/OLD/JAVAJSP - Copy/PROGRAMMING_ASSIGNMENT3/ASpace/web/img/instructors";
String userImage = null;
String userName = null;
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
List<FileItem> items = null;
try {
items = new ServletFileUpload(new DiskFileItemFactory()).parseRequest(request);
} catch (FileUploadException ex) {
Logger.getLogger(ServletMultipartForm.class.getName()).log(Level.SEVERE, null, ex);
}
for (FileItem item : items) {
if (item.isFormField()) {
// Process regular form field (input type="text|radio|checkbox|etc", select, etc).
String fieldname = item.getFieldName();
String fieldvalue = item.getString();
if (fieldname.equalsIgnoreCase("instrName")) {
userName = fieldvalue;
}
} else {
FileItemFactory factory = new DiskFileItemFactory();
ServletFileUpload upload = new ServletFileUpload(factory);
try {
// Parse the request
List<FileItem> multiparts = upload.parseRequest(request);
userImage = new File(item.getName()).getName();
item.write(new File(UPLOAD_DIRECTORY + File.separator + userImage));
System.out.println("User Image Name " + userImage);
} catch (FileUploadException e) {
throw new ServletException("Cannot parse multipart request.", e);
} catch (Exception ex) {
Logger.getLogger(ServletMultipartForm.class.getName()).log(Level.SEVERE, null, ex);
}
}
}
User in=new User(userName, userImage);
UserDB.insert(in);
String FeedbackMessage = "New Instructor " + in.getUserName()+" was added";
request.setAttribute("FeedbackMessage", FeedbackMessage);
getServletContext()
.getRequestDispatcher("/adminPanel.jsp")
.forward(request, response);
gotoPage("/adminPanel.jsp", request, response);
}
private void gotoPage(String address, HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
RequestDispatcher dispatcher = getServletContext().getRequestDispatcher(address);
dispatcher.forward(request, response);
}
}
I have tried to add switch statement depending on "action", smth:
String selection = request.getParameter("action");
but then start to get that error: userName cannot be null.
Thanks for any advice.
I'm trying to use SocialAuth, the idea is very simple, click in log in with facebook then redirect the user to my website signed in.
The log in part I get it, which is below :
1) /index.xhtml
<h:form id="login-facebook">
<h:commandButton id="login" action="#{socialFacebook.login}" value="Login"/>
</h:form>
2) socialFacebook bean
package controller;
#ManagedBean(name="socialFacebook")
#RequestScoped
public class SocialFacebook implements Serializable{
private static final long serialVersionUID = -4787254243136316495L;
private String code;
#PostConstruct
public void init(){
try {
HttpServletRequest request=(HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
SocialAuthManager manager = (SocialAuthManager)FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get("authManager");
Map<String, String> paramsMap = SocialAuthUtil.getRequestParametersMap(request);
AuthProvider provider = manager.connect(paramsMap);
// get profile
Profile p = provider.getUserProfile();
System.out.println(p.getFullName());
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public void login(){
try {
HttpServletRequest request=(HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
//Create an instance of SocialAuthConfig object
SocialAuthConfig config = SocialAuthConfig.getDefault();
//load configuration. By default load the configuration from oauth_consumer.properties.
//You can also pass input stream, properties object or properties file name.
config.load();
//Create an instance of SocialAuthManager and set config
SocialAuthManager manager = new SocialAuthManager();
manager.setSocialAuthConfig(config);
//URL of YOUR application which will be called after authentication
//String successUrl = "http://localhost:8080/cc/pages/system/login_facebook.xhtml" + ";jsessionid=" + req.getSession().getId();
String successUrl = "http://localhost:8080/cc/pages/system/index.xhtml" + ";jsessionid=" + request.getSession().getId();
// get Provider URL to which you should redirect for authentication.
// id can have values "facebook", "twitter", "yahoo" etc. or the OpenID URL
String url = manager.getAuthenticationUrl("facebook", successUrl);
// Store in session
FacesContext.getCurrentInstance().getExternalContext().getSessionMap().put("authManager", manager);
//redirect to the successful login page
FacesContext.getCurrentInstance().responseComplete();
FacesContext.getCurrentInstance().getExternalContext().redirect(url);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public String getCode() {
return code;
}
public void setCode(String code) {
this.code = code;
}
}
3) Facebook returned the following URL:
http://localhost:8080/cc/pages/system/home_facebook.xhtml;jsessionid=e143aa975fa3f313c677fbcb03e3?code=AQAmJXdQX0B__zJHXnRyPfgaG1CfNUEEEEEEEEEEEEEEEZJLEpsT5s1spd3KtWGWI2HYaIOZKLkrn8axKs4iKwJVQJwJQB_WSs2iWkp2DDDDDDDDDDDDtdRPLPG7psp6r2PYmn7CTm2QNNha7f1QlgmoZtBsIEF0SSSSSSSSSSSSSSSSSSSSSSS8RutAU8dqI2KDE57f#_=_
4) It pass by my init method as BalusC suggest but always prints nope :( :
#ManagedBean(name="redirectFacebook")
#RequestScoped
public class RedirectFacebook implements Serializable{
private static final long serialVersionUID = -566276017320074630L;
private String code;
private Profile profile;
#PostConstruct
public void init(){
try {
HttpServletRequest request=(HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
HttpSession session = (HttpSession) request.getAttribute("jsessionid");
if (request.getAttribute("code") != null)
System.out.println("code");
else
System.out.println("nope :(");
if (session != null){
SocialAuthManager manager = (SocialAuthManager)FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get("authManager");
Map<String, String> paramsMap = SocialAuthUtil.getRequestParametersMap(request);
AuthProvider provider = manager.connect(paramsMap);
// get profile
profile = provider.getUserProfile();
System.out.println(profile.getFullName());
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
5) And it prints nope :( too in my home_facebook page:
<h:form id="redirect-facebook-form">
<f:metadata>
<f:viewParam name="code" value="#{redirectFacebook.code}" />
</f:metadata>
<h:panelGroup rendered="#{not empty redirectFacebook.profile}">
Hello, you're successfully associated as #{socialFacebook.profile.firstName} on Facebook
</h:panelGroup>
<h:panelGroup rendered="#{empty redirectFacebook.profile}">
Nope :(
</h:panelGroup>
</h:form>
But, I'm a bit confuse how to get the result in my bean and do some verifications as if the user is registered or not for instance. I know, looking some code in Google, that I have to do this, but how can I redirect to my bean and do this and redirect the user to the proper page ?
SocialAuthManager manager = (SocialAuthManager)FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get("authManager");
Map<String, String> paramsMap = SocialAuthUtil.getRequestParametersMap(request);
AuthProvider provider = manager.connect(paramsMap);
// get profile
Profile p;
p = provider.getUserProfile();
This is really taking some nights to figure it out.
Any idea is very appreaciated, thanks.
I don't see any code level issue except you are using localhost in URL.
Here is a wiki link which describes how to run application with localhost.
Please let me know if this does not work.
When I press a button I post some data to server and there redirect to another page.
I used RequestBuilder but it is waiting the response, and of course get it. And nothing happens, same page stays. I see RequestBuidler shouldn't be used here... What should I use to post data and be able to redirect?
In Spring
#RequestMapping(method=RequestMethod.POST, value="/ddd")
public ModelAndView processOrder(#RequestBody String orderInString, HttpSession session) throws Exception{
...
return new ModelAndView(new RedirectView("abc"));
}
In GWT
public void postData(final String data, final String url) {
RequestBuilder builder = new RequestBuilder(RequestBuilder.POST, url);
try {
builder.sendRequest(data, new RequestCallback() {
public void onError(Request request, Throwable exception) {
...
}
public void onResponseReceived(Request request,
Response response) {
if (200 == response.getStatusCode()) {
..
} else {
..
}
}
});
} catch (RequestException e) {
...
}
return;
}
FormPanel form = new FormPanel("_self");
form.setMethod(FormPanel.METHOD_GET);
Hidden params0 = new Hidden("param1", "value1");
Hidden params1 = new Hidden("param1", "value2");
Hidden params2 = new Hidden("param2", "value3");
FlowPanel panel = new FlowPanel();
panel.add(params0);
panel.add(params1);
panel.add(params2);
form.add(panel);
form.setAction(GWT.getModuleBaseURL() + "../MyServlet");
RootPanel.get().add(form);
form.submit();
Thats it. The code adds FormPanel and sends form.
Add more specifications, code, this is blur.
Since you are using Spring-mvc, you should be having something like this
private static final String newPage = "index2"; //this is resolved with view resolver
#RequestMapping(params = "action=button")
protected String getALPLicense(final RenderRequest request,
final RenderResponse response, final Model model) throws Exception {
try{
}catch{
}
return newPage; //this is your new redirected page
}