-
1. Re: Invitation to try new Seam authentication features
smokingapipe Aug 23, 2006 3:06 AM (in response to shane.bryzak)Wow, I was just now sitting down and thinking, "Ok, I have all these cool roles (customers, admin, salesmen, etc) in my app, and now I need to make sure they can only do the things they are allowed to do. I am dreading learning JAAS."
Should I try out your system? Is there a Seam build I can use for this, or do I need to grab the cvs and build it? -
2. Re: Invitation to try new Seam authentication features
shane.bryzak Aug 23, 2006 4:13 AM (in response to shane.bryzak)This stuff only exists in CVS at the moment, and yes, you should try it :)
-
3. Re: Invitation to try new Seam authentication features
msteiner Aug 23, 2006 4:15 AM (in response to shane.bryzak)I've followed instructions on wiki and I get exceptions:
10:05:14,037 ERROR [ExceptionInterceptor] redirecting to debug page java.lang.IllegalStateException: No Authentication could be created, make sure the Component exists in session scope at org.jboss.seam.security.Authentication.instance(Authentication.java:35) at org.jboss.seam.security.adapter.jboss.JBossAuthenticationAdapter.beginRequest(JBossAuthenticationAdapter.java:23) at org.jboss.seam.security.authenticator.Authenticator.beginRequest(Authenticator.java:84) at org.jboss.seam.security.authenticator.ProviderAuthenticator$$EnhancerByCGLIB$$1599b0c6.CGLIB$beginRequest$3(<generated>) at org.jboss.seam.security.authenticator.ProviderAuthenticator$$EnhancerByCGLIB$$1599b0c6$$FastClassByCGLIB$$4d718543.invoke(<generated>) at net.sf.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:167) at org.jboss.seam.interceptors.JavaBeanInterceptor$1.proceed(JavaBeanInterceptor.java:87) at org.jboss.seam.interceptors.SeamInvocationContext.proceed(SeamInvocationContext.java:54) at org.jboss.seam.interceptors.ValidationInterceptor.validateTargetComponent(ValidationInterceptor.java:64) at sun.reflect.GeneratedMethodAccessor179.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.jboss.seam.util.Reflections.invoke(Reflections.java:17) at org.jboss.seam.interceptors.Interceptor.aroundInvoke(Interceptor.java:125) at org.jboss.seam.interceptors.SeamInvocationContext.proceed(SeamInvocationContext.java:61) at org.jboss.seam.interceptors.OutcomeInterceptor.interceptOutcome(OutcomeInterceptor.java:21) at sun.reflect.GeneratedMethodAccessor178.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.jboss.seam.util.Reflections.invoke(Reflections.java:17) at org.jboss.seam.interceptors.Interceptor.aroundInvoke(Interceptor.java:125) at (...)
Where could be a problem ? -
4. Re: Invitation to try new Seam authentication features
baz Aug 23, 2006 7:37 AM (in response to shane.bryzak)Hello,
when deploying the sample application i got an exception:13:25:09,078 ERROR [[/seam-security]] Exception sending context initialized event to listener instance of class org.jboss.seam.servlet.SeamListener java.lang.RuntimeException: error while reading components.xml at org.jboss.seam.init.Initialization.initPropertiesFromXml(Initialization.java:332) at org.jboss.seam.init.Initialization.<init>(Initialization.java:228) at org.jboss.seam.servlet.SeamListener.contextInitialized(SeamListener.java:32) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3729) at [...] Caused by: java.lang.ClassNotFoundException: No ClassLoaders found for: org.jboss.seam.security.ThreadLocalAuthenticationContext at org.jboss.mx.loading.LoadMgr3.beginLoadTask(LoadMgr3.java:306) at org.jboss.mx.loading.RepositoryClassLoader.loadClassImpl(RepositoryClassLoader.java:511) at org.jboss.mx.loading.RepositoryClassLoader.loadClass(RepositoryClassLoader.java:405) at java.lang.ClassLoader.loadClass(ClassLoader.java:251) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:164) at org.jboss.seam.util.Reflections.classForName(Reflections.java:123) at org.jboss.seam.init.Initialization.installComponent(Initialization.java:376) at org.jboss.seam.init.Initialization.initPropertiesFromXml(Initialization.java:292) ... 140 more
As of now i have the latest cvs code base, but i can not find org.jboss.seam.security.ThreadLocalAuthenticationContext
Ciao,
Carsten -
5. Re: Invitation to try new Seam authentication features
shane.bryzak Aug 23, 2006 7:52 AM (in response to shane.bryzak)"msteiner" wrote:
I've followed instructions on wiki and I get exceptions:
When does this exception occur? Does the example app work? -
6. Re: Invitation to try new Seam authentication features
shane.bryzak Aug 23, 2006 7:53 AM (in response to shane.bryzak)"baz" wrote:
As of now i have the latest cvs code base, but i can not find org.jboss.seam.security.ThreadLocalAuthenticationContext
Ciao,
Carsten
I still had a reference to this deleted class in the example app which I've now removed. You can either delete this line from components.xml or get latest from CVS. -
7. Re: Invitation to try new Seam authentication features
msteiner Aug 23, 2006 8:37 AM (in response to shane.bryzak)
When does this exception occur?
Each time when I access any page in my applicationDoes the example app work?
Yes it works perfect.
Where Authentication component should be created ? -
8. Re: Invitation to try new Seam authentication features
baz Aug 23, 2006 9:47 AM (in response to shane.bryzak)Thanks,
the example app is now working.
A questiion: Is this security framework applicable in a pure tomcat environment.
I do have a seam app running on a tomcat where hibernate is running in the jboss microcontainer. This app was dewrived from the seam hibernate example.
Ciao,
Carsten -
9. Re: Invitation to try new Seam authentication features
shane.bryzak Aug 23, 2006 9:53 AM (in response to shane.bryzak)"msteiner" wrote:
When does this exception occur?
Each time when I access any page in my applicationDoes the example app work?
Yes it works perfect.
Where Authentication component should be created ?
Authenticator.beginRequest() should only ever be called from the Lifecycle class, and currently if it throws any exceptions they are simply swallowed by a try..catch block. Would it be possible for you to submit a simple test case to JIRA that replicates this exception? -
10. Re: Invitation to try new Seam authentication features
shane.bryzak Aug 23, 2006 9:58 AM (in response to shane.bryzak)"baz" wrote:
Thanks,
the example app is now working.
A questiion: Is this security framework applicable in a pure tomcat environment.
I do have a seam app running on a tomcat where hibernate is running in the jboss microcontainer. This app was dewrived from the seam hibernate example.
Ciao,
Carsten
To work in Tomcat it would require a custom Realm that could authenticate against the Seam security API. This wouldn't be too hard to write, and I'll probably look at providing this as part of the security API once I get all the other stuff nailed down (unless you want to volunteer :). -
11. Re: Invitation to try new Seam authentication features
msteiner Aug 23, 2006 10:36 AM (in response to shane.bryzak)"sbryzak2" wrote:
Authenticator.beginRequest() should only ever be called from the Lifecycle class, and currently if it throws any exceptions they are simply swallowed by a try..catch block. Would it be possible for you to submit a simple test case to JIRA that replicates this exception?
Ok I know where is the problem.
To replicate exception take security example from cvs, set property debug of org.jboss.seam.core.init = true in components.xml like this:
true
add seam-debug.jar to web-inf/lib in war.
When I turned off debug in my application and it started working fine. -
12. Re: Invitation to try new Seam authentication features
gus888 Aug 23, 2006 2:11 PM (in response to shane.bryzak)I downloaded jboss-seam-CVS.20060822, but I could not find the security example in the examples directory. Can anybody give me a direction? Thank you.
-
13. Re: Invitation to try new Seam authentication features
shane.bryzak Aug 23, 2006 7:32 PM (in response to shane.bryzak)"gus888" wrote:
I downloaded jboss-seam-CVS.20060822, but I could not find the security example in the examples directory. Can anybody give me a direction? Thank you.
The nightly build seems to be missing some other stuff too, not sure why. If you want you could get the project straight from CVS, instructions are here on the wiki:
http://wiki.jboss.org/wiki/Wiki.jsp?page=CVSRepository -
14. Re: Invitation to try new Seam authentication features
shane.bryzak Aug 23, 2006 7:54 PM (in response to shane.bryzak)If you have trouble accessing CVS, the next nightly build should include the security example.