2 Replies Latest reply on Nov 30, 2011 3:07 AM by lucasvc

Seam Security example: openid-rp in Tomcat 6

lucasvc Nov 29, 2011 4:47 AM

I'm trying to deploy the openid-rp example from Seam Security 3.1.0.Beta4 in a Tomcat 6 (Tomcat 7 throws an error I'll post later ;)). Tomcat (6 or 7) and Seam version 3.1.0.Beta4 are a must (in this moment, later maybe not).

The webapp deploys correctly, and the navigation is correct. But when I access Login.jsf, click login button, it does nothing (well, it refreshes the Login page, but no new log).

The WEB-INF/beans.xml is:

<?xml version="1.0" encoding="UTF-8"?>
<beans
     xmlns="http://java.sun.com/xml/ns/javaee"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xmlns:s="urn:java:ee"
     xmlns:security="urn:java:org.jboss.seam.security"
     xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://jboss.org/schema/cdi/beans_1_0.xsd">

     <security:Identity>
          <s:modifies />
          <security:authenticatorClass>org.jboss.seam.security.external.openid.OpenIdAuthenticator</security:authenticatorClass>
     </security:Identity>
     <!-- <alternatives>
          <class>org.jboss.seam.security.external.openid.OpenIdRpInApplicationScopeProducer</class>
          </alternatives> -->
</beans>

As docs says, but when debugging and stopping the webapp exection at org.jboss.seam.security.IdentityImpl.authenticate(), I can see that authenticatorClass is null, so the code will lookup (org.jboss.seam.security.IdentityImpl.lookupAuthenticator() line 352) for other authenticator. When iterates over a list with authenticator references, OpenID authenticator exists, but it finally takes the IdmAuthenticator, which will fail the process.

I've tested the in beans.xml also the security:authenticatorName, but also was null in the breakpoint.

If I modified one of the values during execution (assingnin authenticatorName=openIdAuthenticator, it calls correctly the OpenID authenticator and the process continues.

Then, I stomped against this bug, which I thought it could be that Solder wasn't reading the beans.xml. I followed the workaround, and included in the WEB-INF/classes/META-INF and the logs showed that Solder now readed it (this line didn't appear before [10:15:22,900] solder.logging.Logger [INFO] Reading XML file: file:/C:/Users/lucas.ventura/work/servers-deploy/tomcat6-seam/wtpwebapps/seam-security-openid-rp/WEB-INF/classes/META-INF/beans.xml)... but the null still is there :(

So, where is the problem? Is not Solder-220 bug, but I'm not sure, althougth it is Unresolved, right? Or it is maybe the lookup function that should take the OpenID authenticator if finds first, and not last?

Thanks :)

1. Re: Seam Security example: openid-rp in Tomcat 6

lightguard Nov 29, 2011 1:19 PM (in response to lucasvc)

If you can use classes/META-INF/seam-beans.xml that is the preferred way.
Actions
2. Re: Seam Security example: openid-rp in Tomcat 6

lucasvc Nov 30, 2011 3:07 AM (in response to lucasvc)

Thanks for the reply.

Jason Porter wrote on Nov 29, 2011 13:19:

If you can use classes/META-INF/seam-beans.xml that is the preferred way.

If I understood, you ask me to use the beans.xml I posted before, but in that folder and using that name, right?
Well, I tested too this option, and neither worked (is the workaround indicated in the SOLDER-220 issue). Even worse, using the classes/META-INF/seam-beans.xml workaround the class OpenIdRelyingPartyCustomizer (which configures the RP and other things) is not getting called... So there is something weird :S

Also in reference to this example (I have more doubts and problems with the openid-op but I'll try to open a new topic :P) it is supposed to be after startup a servlet on webapp/openid/RP/OpenIdService which will be called after the user login but... there is not. I need to add it manually in the web.xml or using ServletContext.addServlet() in the Customizer class. Is this normal?
Actions

Go to original post