-
1. Re: JAAS Authentication and the actor
norman.richards Jul 23, 2007 11:52 AM (in response to harpritt)Why can't you do that in your authenticate method?
-
2. Re: JAAS Authentication and the actor
harpritt Jul 23, 2007 4:00 PM (in response to harpritt)hi man
i was under the impression (i was told by my senior ...hahah) that authenticator was a default class.
...... -
3. Re: JAAS Authentication and the actor
harpritt Jul 23, 2007 5:05 PM (in response to harpritt)Hi again
so am i right in saying that in the case below SMSLDAP will be used to authenticate the user trying to login and then the authenticator.authenticate method is called, and it is here that i can add my roles to the actor object.<security:identity authenticate-method="#{authenticator.authenticate}" jaas-config-name="SMSLDAP"/>
because otherwise i dont see what purpose the authenticator.authenticate method serves.
Im a noob .... i know... i hate secuirity.... i prefer unreal tournament and beer...
cheers again lads -
4. Re: JAAS Authentication and the actor
shane.bryzak Jul 23, 2007 6:06 PM (in response to harpritt)The authenticate-method and jaas-config-name options are mutually exclusive, i.e. if you specify a jaas-config-name (instead of using the default SeamLoginModule) then JAAS authentication will be done using that configuration and the method configured with authenticate-method won't be called.
If you just want to run some code after authentication is done you can create a org.jboss.seam.postAuthenticate event to do that. See chapter 5 of the reference docs for more info on events. -
5. Re: JAAS Authentication and the actor
harpritt Jul 24, 2007 4:17 AM (in response to harpritt)Shane
Your a flipping star
nice one mate!
youve saved me a real headache... i must have looked all over and asked everyone what the deal was with the doc examples with having BOTH the authenticate-method and jass-config-name... like this...<security:identity authenticate-method="#{authenticator.authenticate}" jaas-config-name="SMSLDAP" />
....its off to chapter 5 we go..... hiiiiiii hooooooooooooooooooo
Cheers again -
6. Re: JAAS Authentication and the actor
harpritt Jul 24, 2007 6:43 AM (in response to harpritt)Done and double done
<!--security:identity authenticate-method="#{login.login}"/--> <security:identity jaas-config-name="SMSLDAP"/> <!-- this is cool, it allows us to specify a method to call after the user is authenticated we will use this to populate our actor object--> <event type="org.jboss.seam.postAuthenticate"> <action expression="#{login.login}"/> </event>
-
7. Re: JAAS Authentication and the actor
harpritt Jul 24, 2007 9:18 AM (in response to harpritt)Hope this helps another poor sole...
this is how i populate my actor object from the identity
public boolean login() {
actor.setId(identity.getUsername());
Iterator principleItr = identity.getSubject().getPrincipals().iterator();
while(principleItr.hasNext()){
Object principle = principleItr.next();
if (principle instanceof SimpleGroup){
SimpleGroup simpleGroup = (SimpleGroup) principle;
Enumeration simpleGroupMembers = simpleGroup.members();
while(simpleGroupMembers.hasMoreElements()){
SimplePrincipal aPrincipal = (SimplePrincipal)simpleGroupMembers.nextElement();
actor.getGroupActorIds().add(aPrincipal.getName());
}
}
}
return true;
} -
8. Re: JAAS Authentication and the actor
jgeraert Oct 20, 2007 1:22 AM (in response to harpritt)Thank you for helping this poor sole :)
I think this should go into documentation ...
Best regards,
Jo -
9. Re: JAAS Authentication and the actor
pmuir Oct 23, 2007 7:21 AM (in response to harpritt)Fee free to create a page on the wiki to hold this information.