5 Replies Latest reply on May 15, 2008 7:52 PM by billevans

    Extending Identity is problematic

    billevans
    billevans May 15, 2008 1:23 AM

      I have created an Object that extends the Identity class, to give it custom attributes. Everything works fine except that the following does not work:



       <page view-id="/main/main.xhtml" login-required="true"/> 


       


      I think the reason lies in pages.java where it checks to see if login redirect is required:



      private boolean isLoginRedirectRequired(String viewId, Page page)
   {
      return page.isLoginRequired() && 
            !viewId.equals( getLoginViewId() ) && 
            !Identity.instance().isLoggedIn();
   }




      The call to Identity instance() method effectively bypasses my implementation of Identity and always returns false.


      Is this a known problem and if not why not?

      • 265 Views
      • Tags:
        • 1. Re: Extending Identity is problematic
          shane.bryzak
          shane.bryzak May 15, 2008 1:40 AM (in response to billevans)

          Could you post the code for your identity class?

            • Actions
          • 2. Re: Extending Identity is problematic
            billevans
            billevans May 15, 2008 2:35 AM (in response to billevans)

            I'll do better, I show you the code that doesn't work and what I did to fix it:


            First this doesn't work (in the aspect I described before):



            @Name("identity")
@Scope(ScopeType.SESSION)
public class GuardianIdentity extends Identity {

     @In Messages gaMessages;
     @In FacesMessages facesMessages;
     @In(scope=ScopeType.APPLICATION) ConfigurationMgr configMgr;
     @In(scope=ScopeType.APPLICATION) QueryManager raQueryMgr;
     
     @Out(required=false)
     private RiskAppUser user;     
     private HostService hostSvc;
     private long loginTime;
     
     /**
      * Constructor
      */
     public GuardianIdentity() {
     }
          
     /** 
      * @see org.jboss.seam.security.Identity#login()
      */
     public String login() {
          try {
               this.loginTime = System.currentTimeMillis();
               //
               authenticate();
               //
               this.raQueryMgr.onUserLogon(this);
               return "loggedIn";
          }
          catch (LoginException ex) {
               if (Events.exists())
                    Events.instance().raiseEvent(EVENT_LOGIN_FAILED, ex);
               return null;
          }
     }
     /** 
      * @see org.jboss.seam.security.Identity#logout()
      */
     public void logout() {
          this.raQueryMgr.onUserLogout(this);
          super.logout();
     }
     
}



            Now, how I fixed it, basically through delegation:




            @Name("raIdentity")
@Scope(ScopeType.SESSION)
public class GuardianIdentity extends Identity {

     @In Messages gaMessages;
     @In FacesMessages facesMessages;
     @In(scope=ScopeType.APPLICATION) ConfigurationMgr configMgr;
     @In(scope=ScopeType.APPLICATION) QueryManager raQueryMgr;

     // BIG NOTE: Delegation is the name of the game (i.e. we can't inherit). 
     // Reason is that Seam likes to reference Identity by class! 
     // See Pages.isLoginRedirectRequired and follow path. It messes up redirects. 
        @In(create=true) 
        private Identity identity;               
               
     @Out(required=false)
     private RiskAppUser user;
     
     private HostService hostSvc;
     //
     //     The loginTime is used to identify the instance, assuming same user can login multiple times.
     //
     private long loginTime;
     
     /**
      * Constructor
      */
     public GuardianIdentity() {
     }
     
     
     /** 
      * @see org.jboss.seam.security.Identity#login()
      */
     public String login() {
          //
          this.loginTime = System.currentTimeMillis();
          //
          String result = this.identity.login();
          if (result != null) {
               this.getRaQueryMgr().onUserLogon(this);
          }
          return result;          
     }
     /** 
      * @see org.jboss.seam.security.Identity#logout()
      */
     public void logout() {
          this.identity.logout();
          this.getRaQueryMgr().onUserLogout(this);
     }
     

     /** 
      * @see org.jboss.seam.security.Identity#addRole(java.lang.String)
      */
     public boolean addRole(String role) {
          return this.identity.addRole(role);
     }

        ... And all the other public methods delegated to....

     /** 
      * @see org.jboss.seam.security.Identity#setUsername(java.lang.String)
      */
     public void setUsername(String username) {
          this.identity.setUsername(username);
     }
     
}


              • Actions
            • 3. Re: Extending Identity is problematic
              shane.bryzak
              shane.bryzak May 15, 2008 4:00 AM (in response to billevans)

              The name is wrong, it should be org.jboss.seam.security.identity.  There's actually a section in the security chapter of the ref docs that describe how to correctly extend the Identity component:


              http://docs.jboss.com/seam/latest/reference/en/html/security.html#d0e8142

                • Actions
              • 4. Re: Extending Identity is problematic
                billevans
                billevans May 15, 2008 6:33 AM (in response to billevans)

                Ahhhh, interesting.... ok, I'll try that - thanks!

                  • Actions
                • 5. Re: Extending Identity is problematic
                  billevans
                  billevans May 15, 2008 7:52 PM (in response to billevans)

                  Shane,
                  I did as you recommended and after some other tweaks got it working. Thank you very much for your help - guess, next time I should study the manual more carefully!

                    • Actions