6 Replies Latest reply on Mar 21, 2007 6:29 PM by shane.bryzak

cannot make authenticator work

laksu Mar 16, 2007 1:53 PM

Hi,
Trying seam security features. Just like the example from manual I have added the authenticator class into components.xml
Here is my components.xml:

<?xml version="1.0" encoding="UTF-8"?>

<components xmlns="http://jboss.com/products/seam/components"
 xmlns:core="http://jboss.com/products/seam/core"
 xmlns:security="http://jboss.com/products/seam/security"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="
 http://jboss.com/products/seam/core http://jboss.com/products/seam/core-1.1.xsd
 http://jboss.com/products/seam/components http://jboss.com/products/seam/components-1.1.xsd
 http://jboss.com/products/seam/security http://jboss.com/products/seam/security-1.1.xsd
">

 <core:init jndi-pattern="java:comp/env/gop-ejb/#{ejbName}/local" debug="true"/>

 <core:manager conversation-timeout="120000"
 concurrent-request-timeout="500"
 conversation-id-parameter="cid"
 conversation-is-long-running-parameter="clr"/>

 <core:transactionListener/>

 <core:ejb installed="@embeddedEjb@"/>

 <security:identity authenticate-method="#{otantikamator.otantikmi}"/>


</components>

I have a stateless bean Otantikamator @named as "otantikamator" having a method "otantikmi".
However, it does not get called. Regardless of what I write as the "authenticate-method" in "components.xml", it does not fire any exception or something but call some standard authenticator (I imagine) and a "Login failed" is messaged.

Best regards

1. Re: cannot make authenticator work

norman.richards Mar 16, 2007 11:09 PM (in response to laksu)

Can you verify (using debug.seam) what the authenticateMethod valid is on the instance of identity in the session?
Actions
2. Re: cannot make authenticator work

laksu Mar 19, 2007 5:18 AM (in response to laksu)
Seems like it is OK. I am including the full output in case you notice something weird. BTW I am using SJSAS 9 and I tried with both Seam 1.1.6 and 1.2.0 p1.
Thank you for the help.

authenticateMethod #{otantikamator.otantikmi} class class org.jboss.seam.security.RuleBasedIdentity cookieEnabled false cookieMaxAge 31536000 jaasConfigName loggedIn false password principal rememberMe false securityContext securityRules subject Subject: username toString() org.jboss.seam.security.RuleBasedIdentity@1099f71
Actions
3. Re: cannot make authenticator work

laksu Mar 20, 2007 12:36 PM (in response to laksu)

In my last message, I sound like the problem was solved but that is not the case. I still have the problem.
It looks like it goes through some default/stock authenticator instead of what I described. I cannot tell if this is the case. And my only reference is the reference manual. Could I look up some other documentation or what?
Actions
4. Re: cannot make authenticator work

shane.bryzak Mar 20, 2007 6:33 PM (in response to laksu)

Set a breakpoint in SeamLoginModule.login() and see if it gets invoked. Also check the MethodBinding variable in this method to confirm it correctly refers to your authentication method.
Actions
5. Re: cannot make authenticator work

laksu Mar 21, 2007 11:46 AM (in response to laksu)

Got it. It was unable to call my method as it was not included in the web.inf as SJSAS requires EJBs to be declared.
It now works but:
I traced down with the debugger and it generated some exception down there which did not surface (which, IMHO, would rather be thrown/logged). It simply adds a JSF message "login failed". Alternatively It does add a message "Welcome [username]" if login succeeds.
How do I override this default behaviour to add a message of my preference or most probably a localized message?
Actions
6. Re: cannot make authenticator work

shane.bryzak Mar 21, 2007 6:29 PM (in response to laksu)

You can override the messages. See this post:

http://www.jboss.com/index.html?module=bb&op=viewtopic&t=101074
Actions

Go to original post