5 Replies Latest reply on Jul 9, 2007 9:27 AM by garypinkham

    Instance.hasRole()...

    garypinkham

      I added code into my Authenticator object which adds roles to the Identity object. I tried to use a restriction on a page for a certain role but none of my logins have access now. So I added a check in the Authenticator right after adding the role(s) and it still returns false for hasRole(). I even hard coded the addRole("admin") and that returns false when calling hasRole("admin") too...

      Here's a quick snapshot of the code.. Let me know if you need more artifacts.

       if (user.getAuthoritieses() != null) {
           for (Authorities role : user.getAuthoritieses()) {
               log.info("adding role: #0 to user: #1", role.getAuthority(), Identity.instance().getUsername());
               Identity.instance().addRole(role.getAuthority());
           }
       }
       Identity.instance().addRole("admin");
       log.info("has Role: #0", Identity.instance().hasRole("ROLE_RUN_LINK")?"Yes":"No");
       log.info("has Role2: #0", Identity.instance().hasRole("admin")?"Yes":"No");
      


      Which reminds me.. The code Seam generates uses an @In for Identity in the Authenticator sample class. But all the Docs show Identity.instance(). Is there a preference?

      Thanks!
      Gary

        • 1. Re: Instance.hasRole()...
          bulloncito

          I use

          Identity identity = Identity.instance() ;

          .. (no @In) and then

          identity.addRole( someString ) ;

          ... for each role and everything works fine.

          Maybe all those Identity.instance() aren't appropriate (they should be)

          • 2. Re: Instance.hasRole()...
            garypinkham

             

            "bulloncito" wrote:
            I use

            Identity identity = Identity.instance() ;

            .. (no @In) and then

            identity.addRole( someString ) ;

            ... for each role and everything works fine.

            Maybe all those Identity.instance() aren't appropriate (they should be)


            I actually tried it all three ways.. With Identity.instance() everywhere.. with @In and with Identity ident = Identity.instance(). None of them work. So I'm guessing I missed something in the config. As an extra note.. This is a default configuration. I did seam new-project and seam generate-entities, then modified the Authenticator. So it's quite possible I missed a step from the docs...


            • 3. Re: Identity.hasRole()...
              garypinkham

              First I realized the subject said Instance.hasRole() instead of Identity. That was just a typo in the forum by me.

              So I have followed all the instructions and I can't seem to find where I'm going wrong.. It's basic security no drools. Seamgen created the components.xml with a basic drools file.. I tried with and without that file.. With @In Identity, with Identity ident = Identity.instance() and Identity.instance() everywhere.

              This is Seam 2.0Beta with JBoss 4.2.0GA. Windows XP and M$SQL Server for the DB.

              Funny thing is I used seam generate-entities which enables security for the Edit actions on entities. This works just fine with my Authenticator module so I'm guessing I'm doing something right. :-)

              By the way.. Does anyone know what the security is for the edit pages created by generate-entity? Is it loggedIn? or hasRole("admin")???

              Many Thanks!!!
              Gary

              Here's the output of log.info messages:

              12:42:01,392 INFO [Authenticator] adding role: ROLE_VIEW to user: superuser
              12:42:01,392 INFO [Authenticator] adding role: ROLE_RUN_LINK to user: superuser
              12:42:01,392 INFO [Authenticator] customer:3
              12:42:01,392 INFO [Authenticator] Has Role: No
              12:42:01,392 INFO [Authenticator] has Role2: No
              


              Here's my Components.xml:

              <?xml version="1.0" encoding="UTF-8"?>
              <components xmlns="http://jboss.com/products/seam/components"
                          xmlns:core="http://jboss.com/products/seam/core"
                          xmlns:persistence="http://jboss.com/products/seam/persistence"
                          xmlns:drools="http://jboss.com/products/seam/drools"
                          xmlns:security="http://jboss.com/products/seam/security"
                          xmlns:mail="http://jboss.com/products/seam/mail"
                          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                          xsi:schemaLocation=
                              "http://jboss.com/products/seam/core http://jboss.com/products/seam/core-2.0.xsd
                               http://jboss.com/products/seam/persistence http://jboss.com/products/seam/persistence-2.0.xsd
                               http://jboss.com/products/seam/drools http://jboss.com/products/seam/drools-2.0.xsd
                               http://jboss.com/products/seam/security http://jboss.com/products/seam/security-2.0.xsd
                               http://jboss.com/products/seam/mail http://jboss.com/products/seam/mail-2.0.xsd
                               http://jboss.com/products/seam/components http://jboss.com/products/seam/components-2.0.xsd">

                  <core:init debug="@debug@" jndi-pattern="@jndiPattern@"/>

                  <core:manager concurrent-request-timeout="500"
                                conversation-timeout="120000"
                                conversation-id-parameter="cid"/>

                  <persistence:filter name="customerFilter" enabled="#{identity.loggedIn}">
                      <persistence:name>customerFilter</persistence:name>
                      <persistence:parameters>
                          <key>customerId</key>
                          <value>#{customerId}</value>
                      </persistence:parameters>
                  </persistence:filter>

                  <persistence:managed-persistence-context name="entityManager"
                                                           auto-create="true"
                                                           entity-manager-factory="#{knxseamEntityManagerFactory}">
                      <persistence:filters>
                          <value>#{customerFilter}</value>
                      </persistence:filters>
                  </persistence:managed-persistence-context>

                  <persistence:entity-manager-factory name="knxseamEntityManagerFactory"
                                                      persistence-unit-name="knxseam"/>
                  <security:identity authenticate-method="#{authenticator.authenticate}"
                                     remember-me="true"/>

                  <event type="org.jboss.seam.notLoggedIn">
                      <action expression="#{redirect.captureCurrentView}"/>
                  </event>
                  <event type="org.jboss.seam.postAuthenticate">
                      <action expression="#{redirect.returnToCapturedView}"/>
                  </event>

                  <mail:mail-session host="localhost" port="2525" username="test" password="test" />

              </components>
              


              Here's my Authenticator code:
              @Name("authenticator")
              public class Authenticator {
                  @Logger
                  Log log;

                  @In
                  EntityManager entityManager;

                  public boolean authenticate() {
                      try {
                          UserAccount user = (UserAccount) entityManager
                                  .createQuery(
                                          "from UserAccount where name = :username and authenticationCredentials = :password")
                                  .setParameter("username", Identity.instance().getUsername())
                                  .setParameter("password", Identity.instance().getPassword())
                                  .getSingleResult();
                          if (user.getAuthoritieses() != null) {
                              for (Authorities role : user.getAuthoritieses()) {
                                  log.info("adding role: #0 to user: #1", role.getAuthority(), Identity.instance().getUsername());
                                  Identity.instance().addRole(role.getAuthority());
                              }
                          }
                          Identity.instance().addRole("admin");
                          log.info("customer:#0", user.getCustomer().getCustomerId());
                          log.info("Has Role: #0", (Identity.instance().hasRole("ROLE_RUN_LINK"))?"Yes":"No");
                          log.info("has Role2: #0", (Identity.instance().hasRole("admin"))?"Yes":"No");
                          Contexts.getSessionContext().set("customerId", user.getCustomer().getCustomerId());
                          return true;
                      } catch (NoResultException ex) {
                          FacesMessages.instance().add("Invalid username/password");
                          return false;
                      }
                  }
              }
              



              • 4. Re: Instance.hasRole()...
                shane.bryzak

                Calling addRole() when you are not authenticated yet puts the roles into a temporary list. They only become real roles once authentication is complete, which is why calling hasRole() in the authenticator method returns false.
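
An added illustration of the behaviour described in reply 4 above; it is not part of the thread and not Seam's source code. `ModelIdentity`, `pendingRoles`, `activeRoles` and `login()` are hypothetical names for a simplified model in which roles added during authentication are staged and only become effective once authentication has succeeded.

```java
import java.util.HashSet;
import java.util.Set;
import java.util.function.Predicate;

// Simplified model of the behaviour described in reply 4; NOT Seam's source code.
public class DeferredRolesDemo {

    static class ModelIdentity {
        private boolean loggedIn;
        private final Set<String> pendingRoles = new HashSet<>(); // the "temporary list"
        private final Set<String> activeRoles = new HashSet<>();  // what hasRole() consults

        void addRole(String role) {
            // Before authentication completes, roles are only staged.
            (loggedIn ? activeRoles : pendingRoles).add(role);
        }

        boolean hasRole(String role) {
            return activeRoles.contains(role);
        }

        // Runs the authenticator callback, then promotes staged roles only on success.
        boolean login(Predicate<ModelIdentity> authenticator) {
            pendingRoles.clear();
            boolean ok = authenticator.test(this);
            if (ok) {
                loggedIn = true;
                activeRoles.addAll(pendingRoles);
            }
            pendingRoles.clear(); // assumption of this model: a failed login grants nothing
            return ok;
        }
    }

    public static void main(String[] args) {
        ModelIdentity identity = new ModelIdentity();
        identity.login(id -> {
            id.addRole("ROLE_RUN_LINK");
            id.addRole("admin");
            // Same check as in the Authenticator above: still inside authenticate().
            System.out.println("inside authenticate(): admin=" + id.hasRole("admin"));
            return true;
        });
        // Checked from a later action, after login has completed.
        System.out.println("after login: admin=" + identity.hasRole("admin"));
        System.out.println("after login: ROLE_RUN_LINK=" + identity.hasRole("ROLE_RUN_LINK"));
    }
}
```

In this model a role check placed inside the authenticator callback cannot be used to confirm role assignment; the check belongs in code that runs after login has returned.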

                • 5. Re: Instance.hasRole()...
                  garypinkham

                   

                  "shane.bryzak@jboss.com" wrote:
                  Calling addRole() when you are not authenticated yet puts the roles into a temporary list. They only become real roles once authentication is complete, which is why calling hasRole() in the authenticator method returns false.


                  That explains it! I did the log messages in another action and see that the user is indeed in the appropriate roles.

                  Thanks!