This content has been marked as final.
Show 1 reply
-
1. Re: Possible action before JAAS athentication?
virgo47 May 22, 2008 4:09 PM (in response to virgo47)OK, it wasn't easy to Google it but after few iterations it wasn't that hard to implement simple method:
@Observer(Identity.EVENT_PRE_AUTHENTICATE) public void checkUserInDb() throws PreAuthException { if (em.createQuery("select u from User u where u.login=#{identity.username}").getResultList().size() == 0) { throw new PreAuthException(); } }
And in pages.xml:
<exception class="sk.bgs.controlling.web.action.PreAuthException"> <redirect view-id="/login.xhtml"> <message severity="warn">Login failed</message> </redirect> </exception>
This caused that user missing in DB resulted into the same effect like wrong name/password test against LDAP.
I originally tried to use NotLoggedInException, but I wasn't able to catch it and redirect in pages.xml - I always ended on debug page. Don't know why because examples of pages.xml with NotLoggedInException are very often. ;-)