-
1. Re: Security Auto-Login Question
fernando_jmt Feb 19, 2007 4:00 PM (in response to craig.barker)In the pages.xml add the page configuration for the first page you want to access (usually login.xhtml or home.html) and execute the login before rendering the page.
Somthing like:<page view-id="/login.xhtml" action="#{identity.login}"> <navigation from-action="#{identity.login}"> <rule if="#{identity.loggedIn}"> <redirect view-id="/home.xhtml"/> </rule> </navigation> </page>
The above example means:
When you are trying to access to the page login.xhtml the identity.login action will be executed (same as pressing the button in the page, but without render anything yet), then your authenticator.authenticate method will be called, then if such method returns true, you will be logged in, and the next lines checks if you are logged in using the rule, and if that is true you can redirect the page you want, in this case it is reirecting the home.xhtml (of course already logged in).
HTH. -
2. Re: Security Auto-Login Question
craig.barker Mar 12, 2007 6:17 AM (in response to craig.barker)Excellent that did the trick.
Cheers -
3. Re: Security Auto-Login Question
christian.bauer Mar 12, 2007 6:34 AM (in response to craig.barker)It would be great if you could post the NTLM part of your solution on the Seam wiki.
-
4. Re: Security Auto-Login Question
jjarkko Apr 19, 2007 6:24 AM (in response to craig.barker)What about situation where we just don't know the first Seam page the user is going to hit?
This is the case in portal environments.
Just keep hitting the #{identity.login} everytime?<page view-id="/*" action="#{identity.login}"> </page>
Or can we use @Factory or smt? -
5. Re: Security Auto-Login Question
dilator Apr 19, 2007 8:37 AM (in response to craig.barker)"christian.bauer@jboss.com" wrote:
It would be great if you could post the NTLM part of your solution on the Seam wiki.
Sounds like it could be JCIFS http filter - jcifs.samba.org -
6. Re: Security Auto-Login Question
axismundi Sep 26, 2007 7:35 AM (in response to craig.barker)We need also NTLM authentication and the configuration is quite apparent.
However to me is not clear how to obtain the HTTP-request-headers from my authenticator.autenthicate() EJB3 bean-method in order to call request.getRemoteUser().
Seam provides Annotation for @RequestParameter, but I don't see anything like @HttpRequest to inject to javax.servlet.HttpServletRequest
any suggestion is appeciated. -
7. Re: Security Auto-Login Question
craig.barker Sep 26, 2007 7:44 AM (in response to craig.barker)Hi,
I will get around to posting this up on the WIKI but the 'day job' is currently taking up more than it's fair share of time. When it all calms down i'll get it done.
In answer to your query I use:@In Context sessionContext; ... ((NtlmPasswordAuthentication) sessionContext.get("NtlmHttpAuth")).getUsername()
This allows me to extract the current session user's username, which I then pass off to the real authentication/authorisation code.
Hope this helps.
Craig -
8. Re: Security Auto-Login Question
axismundi Sep 27, 2007 9:13 AM (in response to craig.barker)I have no idea how you happen to have the NT-Login-name available in the session. In our configuration the NT-Login is passed as an attribute of the HTTP-request (and availble via request.getRemoteUser()).
I am using Seam 2 and I have added the authentication logic in my annotaded authentication class.
In components.xml I have configured<security:identity authenticate-method="#{authenticator.authenticate}" />
In pages.xml I have the following config:<page view-id="/login.xhtml"> <action execute="#{identity.login}"/> <navigation from-action="#{identity.login}"> <rule if="#{identity.loggedIn}"> <redirect view-id="/main.xhtml"></redirect> </rule> <rule if="#{not identity.loggedIn}"> <redirect view-id="/loginFailed.xhtml"></redirect> </rule> </navigation> </page>
The login.xml page is not existing. It is just a stub.
The method identity.login() should be called and itself calling authenticator.authenticate() but it isn't.
Any idea why? -
9. Re: Security Auto-Login Question
pmuir Oct 3, 2007 9:16 AM (in response to craig.barker)There are many discussions on the forum about how to execute auto-login.