-
1. Re: Seam roles and permissions implementation
goschan Feb 22, 2010 2:05 AM (in response to arpad)
Hello Philippe,
I ran into exactly the same problem. I can retrieve the credentials username, but I can't use the GateIn roles and permissions.
I tried to map the GateIn role and permission with Seam, but that doesn't seem to work.
{code}
@In
org.jboss.seam.security.Identity identity;

@In
Credentials credentials;

public boolean authenticate() {
    System.out.println("credentials : " + credentials.getUsername());

    // Identity that GateIn (eXo) has bound to the current conversation
    org.exoplatform.services.security.Identity exoId = ConversationState.getCurrent().getIdentity();

    System.out.println("groups : ");
    Iterator<String> j = exoId.getGroups().iterator();
    if (identity == null)
    {
        System.out.println("seamId null !!");
    }
    else
    {
        // Copy every eXo group into the Seam identity as a role
        while (j.hasNext())
        {
            String group = j.next();
            System.out.println(group);
            boolean test = identity.addRole(group);
            System.out.println("test : " + test);
            System.out.println(identity.getCredentials().getUsername() + " hasGroup : " + identity.hasRole(group));
        }

        // Copy every eXo role into the Seam identity as a role
        j = exoId.getRoles().iterator();
        while (j.hasNext())
        {
            String role = j.next();
            System.out.println(role);
            identity.addRole(role);
            System.out.println(credentials.getUsername() + " hasRole : " + identity.hasRole(role));
        }
    }
    // ... (the remainder of the method, including its return statement, is not shown in the post)
}
{code}
I can see the exo groups and roles, but the hasGroup and hasRole methods always return false.
Did you find some answers somewhere else?
Thanks
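An added example, not part of the original post and not GateIn or Seam project code: it assumes Seam 2.x, where `Identity.addRole()` called before login has completed only queues the role and returns false, so `hasRole()` stays false inside `authenticate()` and becomes true once the post-authenticate event fires. The component name `gateinRoleMapper` and the class name are hypothetical, and the user-id comparison is an added defensive check.

```java
import java.util.Collection;
import java.util.LinkedHashSet;
import java.util.Set;
import org.exoplatform.services.security.ConversationState;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Observer;
import org.jboss.seam.security.Credentials;
import org.jboss.seam.security.Identity;

@Name("gateinRoleMapper") // hypothetical component name
public class GateInRoleMapper {
    @In Identity identity;       // Seam identity
    @In Credentials credentials; // Seam credentials
    private final Set<String> queued = new LinkedHashSet<String>();

    public boolean authenticate() {
        ConversationState state = ConversationState.getCurrent();
        if (state == null || state.getIdentity() == null) {
            return false; // no GateIn identity on this request: fail closed
        }
        org.exoplatform.services.security.Identity exoId = state.getIdentity();
        // Only map roles when the portal user is the user Seam is logging in.
        if (!exoId.getUserId().equals(credentials.getUsername())) {
            return false;
        }
        queue(exoId.getGroups());
        queue(exoId.getRoles());
        return true;
    }

    private void queue(Collection<String> names) {
        for (String name : names) {
            // Returns false at this point: Seam holds the role back until
            // authentication has completed, so do not test hasRole() here.
            identity.addRole(name);
            queued.add(name);
        }
    }

    @Observer(Identity.EVENT_POST_AUTHENTICATE)
    public void verifyRoles() {
        for (String name : queued) {
            if (!identity.hasRole(name)) { // now backed by the Subject
                throw new IllegalStateException("role not applied: " + name);
            }
        }
    }
}
```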
-
2. Re: Seam roles and permissions implementation
armahdi Jan 2, 2011 2:48 AM (in response to arpad)
Hey Phillipe!!
I am working on the same kind of stuff. I would need some help on the ldapPermissionstore. I tried to find a basic example. I am implementing my permission store class by interface PermissionStore. I also made a JPApermissionstore and changed the createPermissionQuery in there. What is it that we need to do with the LDAP permission store? What directions would I need?
I will really appreciate it if I can take a look at your implementation. What I am doing in the meantime is that just create query example; I will create a mechanism to actually log in to LDAP and retrieve permissions. How? That is still a bit unknown for me. I have never saved permissions in LDAP; usually I have worked with only users authenticating and at max groups.
Also, how to connect to an LDAP: don't get me wrong, I have authenticated my users through LDAP with the LDAP identity store. I am just confused on the permissions: connecting to LDAP, saving them and retrieving them. In JPApermissionStore we had a table that we used. In LDAP it will be gone; permissions will be stored in LDAP instead. How did you configure LDAP to save permissions?
It will also be interesting to know if you were successful with your LDAP permissionstore or not, whether you continued on that path, and what errors you think I might encounter.
I will really appreciate your help.
Thanks
AR
-
3. Re: Seam roles and permissions implementation
micnight Feb 20, 2011 3:03 PM (in response to goschan)
Hi,
I'm also trying to get access to the roles and the groups of the exo OrganizationStore in GateIn 3.2-Beta1 when using the Portlet-Bridge 2.2.1-Snapshot. @benjamin: So how could you achieve these objects in your portlet?
{code}
org.exoplatform.services.security.Identity exoId = ConversationState.getCurrent().getIdentity();
{code}
What are the necessary steps to get a UserList into my portlet using PortletBridge? I also took a look into the GateIn source code. There I saw that everything regarding User, Group and Role administration is done with org.picketlink.idm.api.IdentitySession. There are several interfaces in GateIn and finally the service class org.exoplatform.services.organization.idm.PicketLinkIDMOrganizationServiceImpl to execute all user-related queries. The most comfortable way would be the possibility to get access to this class inside of my portlet. My intention is to get a whole user list with groups and roles of every user to adopt some custom permission rules in my portlet application.
I hope somebody can help me here.
Regards,
Michael
-
4. Re: Seam roles and permissions implementation
micnight Feb 21, 2011 8:18 AM (in response to micnight)
Hi,
I've solved the problem by myself. I took a look into the source code of GateIn. I call the PortalContainer directly in the same ServletContext, as it is done in the test methods of the OrganizationService. It works perfectly:
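{code}
import java.util.List;

import org.exoplatform.commons.utils.PageList;
import org.exoplatform.container.PortalContainer;
import org.exoplatform.container.component.ComponentRequestLifecycle;
import org.exoplatform.container.component.RequestLifeCycle;
import org.exoplatform.services.organization.GroupHandler;
import org.exoplatform.services.organization.MembershipHandler;
import org.exoplatform.services.organization.MembershipTypeHandler;
import org.exoplatform.services.organization.OrganizationService;
import org.exoplatform.services.organization.Query;
import org.exoplatform.services.organization.User;
import org.exoplatform.services.organization.UserHandler;
import org.exoplatform.services.organization.UserProfileHandler;
import org.jboss.seam.annotations.Logger;
import org.jboss.seam.log.Log;

// Authenticator is the application's own interface (not shown in the post).
public class PortalUserAction implements Authenticator {

    // "log" was not declared in the post; a Seam-injected logger is assumed.
    @Logger
    private Log log;

    OrganizationService service_;
    UserHandler userHandler_;
    UserProfileHandler profileHandler_;
    GroupHandler groupHandler_;
    MembershipTypeHandler mtHandler_;
    MembershipHandler membershipHandler_;
    private PortalContainer manager;

    public boolean authenticate() {
        // This code is not used in portal environment when utilizing the
        // PortalIdentity bridgelet.
        /*
         * List results = em.createQuery(
         * "select u from User u where u.username=#{identity.username} and u.password=#{identity.password}"
         * ) .getResultList();
         *
         * if ( results.size()==0 ) { return false; } else { user = (User)
         * results.get(0); return true; }
         */
        try {
            // Look up the OrganizationService in the portal container
            manager = PortalContainer.getInstance();
            service_ = (OrganizationService) manager
                    .getComponentInstanceOfType(OrganizationService.class);
            userHandler_ = service_.getUserHandler();
            profileHandler_ = service_.getUserProfileHandler();
            groupHandler_ = service_.getGroupHandler();
            mtHandler_ = service_.getMembershipTypeHandler();
            membershipHandler_ = service_.getMembershipHandler();

            RequestLifeCycle.begin((ComponentRequestLifecycle) service_);
            try {
                // "*" matches every user name
                Query query = new Query();
                query.setUserName("*");
                PageList users = userHandler_.findUsers(query);
                List<User> allUsers = users.getAll();
                for (int i = allUsers.size() - 1; i >= 0; i--) {
                    log.info("User in the portal: #0", allUsers.get(i).getUserName());
                }
                log.info("All users in the portal: #0", allUsers.size());
            } finally {
                // End the request lifecycle even if the query throws
                RequestLifeCycle.end();
            }
        } catch (Exception e) {
            log.error(
                    "Something bad happened when accessing the portal container: \n #0",
                    e.getMessage());
            e.printStackTrace();
        }
        // Returns true unconditionally; no credential check is performed in this method.
        return Boolean.TRUE;
    }
}
{code}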
Hope it helps somebody.
Regards,
Michael