7 Replies Latest reply on Mar 25, 2008 1:29 PM by danielc.roth

    More complicated authentication

    trouby

      Hey,


      I'd like to redirect to different authentication form based on the original accessed URL / some configuration parameters.


      I usually redirect to the login form by this:


      <exception class="org.jboss.seam.security.NotLoggedInException">
              <redirect view-id="/Login.xhtml">
                  <message>Please log in first</message>
              </redirect>
          </exception>
      



      But this way is too static for me,


      Is it possible somehow to redirect to a certain login form based on the accessed URL/other configuration parameters somehow? I assume the original page is stored in the 'renderer' component,



      Maybe I can invoke an action through the above exception that will determine what form to redirect too? or there's a better approach?




      Thanks,


      Asaf.

        • 1. Re: More complicated authentication
          keithnaas

          When the redirect to login is evaluated, it will start up the lifecycle again.  Can you use a page element in pages.xml to perform different navigation rules just like you would do for other screens?


          <page view-id="/Login.xhtml">
              <navigation>
                  <rule if="#{someproperty=='login1'}}">
                      <redirect view-id="/Login1.xhtml"/>
                  </rule>
              </navigation>
              <navigation>
                  <rule if="#{someproperty=='login2'}}">
                      <redirect view-id="/Login2.xhtml"/>
                  </rule>
              </navigation>
              
          </page>
          

          • 2. Re: More complicated authentication
            trouby

            Hey,


            I want the login page name to be rendered dynamically,


            Meaning that I'd like the name of the login file name to be resulted from some component's method,


            Is it possible?



            Asaf.

            • 3. Re: More complicated authentication

              According to 5.1.1.2 in the Seam manual


              The view-id may be given as a JSF EL expression:


              <page view-id="/editDocument.xhtml">
              
                  <navigation>
                      <rule if-outcome="success">
                          <redirect view-id="/#{userAgent}/displayDocument.xhtml"/>
                      </rule>
                  </navigation>
                  
              </page>



              I would be surprised if you coudn't do


              <redirect view-id="/#{whateverPage}"/>


              • 4. Re: More complicated authentication
                trouby

                Well,
                Nothing of the suggested options are quit working for me,



                Is there any other ways to redirect to the login page by specifying the page file name dynamically through some method?




                Many thanks

                • 5. Re: More complicated authentication
                  pmuir

                  Explain how Daniel's suggestion is no good, as I can't see how it can't work given your described use case.

                  • 6. Re: More complicated authentication
                    trouby

                    Hey,


                    The NotLoggedIn exception redirects the user to a certain page,


                    Daniel suggested to add a navigation rule for the page that the exception redirects to, right?


                    So I should have something like:


                    <page view-id="/someEmptyLoginPage.xhtml">
                        <navigation>
                            <rule if-outcome="success">
                                <redirect view-id="/#{pageNameRenderedDynamically}"/>
                            </rule>
                        </navigation>
                    </page>
                    




                    1) what is the outcome? the page is redirected by the NotLoggedIn exception, is there an outcome at all?


                    2) maybe I can bypass the usage of the rule? or make the rule result always true?


                    3) should it work at all? I mean, the {pageNameRenderedDynamically} should result an xhtml page name?




                    Many thanks,


                    Asaf.

                    • 7. Re: More complicated authentication

                      Would't this work?


                      <exception class="org.jboss.seam.security.NotLoggedInException">
                              <redirect view-id="/#{loginChecker.redirect}">
                                  <message>Please log in first</message>
                              </redirect>
                          </exception>




                      and then this:



                      @Name("loginChecker")
                      public class LoginChecker
                      
                         public String redirect {
                            if(someThingIsWhatYouLookFor()) {
                               return "myLoginPage1.xhtml";
                            else if(someThingElseIsWhatYouLookFor()) {
                               return "myLoginPage2.xhtml";
                            } else {
                               return "myLoginPage3.xhtml";
                            }
                         }
                      }