README-LOGGING-IN
~~~~~~~~~~~~~~~~~

Annotations
~~~~~~~~~~~

The annotations used in LoginPage.java include @InjectObject and @Asset.  
Tapestry's annotations are described in 

	http://tapestry.apache.org/tapestry4/tapestry-annotations/index.html

We use @InjectObject to inject businessServicesLocator, an application-scoped object
described in README-HOME-PAGE in WEB-INF.

Logging In
~~~~~~~~~~

Let's say you input your login id and password, and clicked on the Login button.

	<input type="submit" jwcid="@Submit" value="Login" action="listener:doLogin"/>
	
What happens?

- The button's listener is doLogin, so the doLogin() method executes.  

- The input fields on the page are available through the getLoginId() and getPassword() methods.

- The method locates the business service ISecurityFinderSvcLocal and invokes authenticateUser(..).

- Let's say the method returns ok, so we are ready to go to the WelcomePage.

- In JumpStart we normally get to the next page by invoking its activate() method but in this 
  case, where we're posting the user's credentials, there is a security vulnerability which we
  avoid by using a technique known as "redirect-after-post".
  To learn more about this read the comments in LoginPage's doLogin() method.

Next
~~~~

README-BUSINESS-FACADE.  In Eclipse you can find it easily with Ctrl-Shift-R (or Cmd-Shift-R on the Mac).
