-
1. Re: Double authentication in different parts of a site
Try using the same login xhtml code except pass a param in the h:commandButton to denote userType, then in your Authenticate @RequestParameter String userType which you can do the logic after that for the database queries.
-Samuel -
-
3. Re: Double authentication in different parts of a site
Hello,
I have a other problem with my authentication. My idea was to extend RuleBasedIdentity and so create ECIdentity class.
Here is my program:
component.xml<security:identity class="ecidentity" authenticate-method="#{authenticator.authenticate}" security-rules="#{securityRules}"/>
ECIdentity.java@Name("ecidentity") @Scope(SESSION) @Intercept(InterceptionType.AFTER_RESTORE_VIEW) @Startup public class ECIdentity extends RuleBasedIdentity { String role = null; public String login() { System.err.println("First login"); return super.login(); } }
Authenticator.java@Name("authenticator") public class Authenticator { @Logger Log log; @In(value="ecidentity") ECIdentity ecIdentity; @In EntityManager entityManager; @In("#{messages['ErrorOnLogin']}") private String LoginError; public boolean authenticate() { System.err.println("First authenticate"); System.err.println("Username = "+ECIdentity.instance().getUsername()); try { String hashedPassword = Util.createPasswordHash("MD5", Util.BASE64_ENCODING, null, null,ECIdentity.instance().getPassword()); Mb member = (Mb) entityManager.createQuery( "from Mb where login = :username and passwd = :password") .setParameter("username", ECIdentity.instance().getUsername()) .setParameter("password", hashedPassword) .getSingleResult(); return true; } catch (NoResultException ex) { FacesMessages.instance().add(LoginError); return false; } } }
And when I submit (the action performed is #{ecidentity.login} ), I get the following error message in the console:15:46:53,967 ERROR [STDERR] First login 15:46:54,386 ERROR [STDERR] First authenticate 15:46:54,387 ERROR [STDERR] Username = null 15:46:54,411 ERROR [SeamLoginModule] Error invoking login method javax.faces.el.EvaluationException: Exception while invoking expression #{authenticator.authenticate} at org.apache.myfaces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:153) at org.jboss.seam.actionparam.ActionParamBindingHelper.invokeTheExpression(ActionParamBindingHelper.java:58) at org.jboss.seam.actionparam.ActionParamMethodBinding.invoke(ActionParamMethodBinding.java:75) at org.jboss.seam.core.Expressions$2.invoke(Expressions.java:148) at org.jboss.seam.security.jaas.SeamLoginModule.login(SeamLoginModule.java:104) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ... ... Caused by: java.lang.NullPointerException at org.jboss.security.Util.createPasswordHash(Util.java:407) at org.jboss.security.Util.createPasswordHash(Util.java:378) at com.easycity.ejb.Authenticator.authenticate(Authenticator.java:35) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
I have no idea why my ECIdentity object isn't reacheable.
Thanks for your help.
Best regards
PC -
4. Re: Double authentication in different parts of a site
Something to add:
When the seam login page is loading, the term print on screen16:25:30,082 INFO [ServletCacheAdministrator] Created new instance of ServletCacheAdministrator 16:25:30,083 INFO [ServletCacheAdministrator] Created new application-scoped cache at key: __oscache_cache 16:25:30,372 INFO [Lifecycle] starting up: org.jboss.seam.security.identity 16:25:32,059 INFO [Lifecycle] starting up: ecidentity
Is that normal to load twice identity & ecidentity for my use ?