1 2 Previous Next 20 Replies Latest reply on Jul 24, 2008 10:06 AM by shane.bryzak

Seam identity login

bashan Jul 4, 2008 8:23 PM

I am having a weird behavior with Seam and identity login.

1) My username is actually an email. I use identity.rememberMe. It seems like the data after the @ character is being truncated. for example if I use: xx@xxx.com, the username data stored in the cookie is: xx.
2) After doing a logout, then login again, Seam is persisting a new password to my database (it is possible that by making a login, the user data is being persisted to the database somehow)?

This is my bean code:

@Name("authenticator")
public class AuthenticatorAction
{
  @In
  Session myDatabase;

  @Out(required = false, scope = SESSION)
  private User user;

  @Logger
  private Log log;

  @In
  Identity identity;
  
  public boolean authenticate()
  {
    String password = DigestUtils.shaHex(identity.getPassword());
    log.info("Authenticating user: #{identity.username} with password: #{identity.password}");
    List results = nikoniansDatabase.createQuery("select u from User u where " +
        "u.email=#{identity.username} and u.password=:password").setParameter("password", password).list();
    if (results.size() == 0)
    {
      log.info("User: #{identity.username} was not found");
      return false;
    }
    else
    {
      user = (User)results.get(0);
      log.info("User: #{user.email} (user.userId) was authenticated");
      return true;
    }
  }
}

1. Re: Seam identity login

baobaotuo Jul 5, 2008 11:46 AM (in response to bashan)

I meet the same problem.

I checked the cookie directly,it seems that the email was saved correctly in cookie.But when been fetched by the identity for displaying, the email has been truncated.

It seems to be a bug.

Warting for the solution.
Actions

2. Re: Seam identity login

bashan Jul 5, 2008 4:27 PM (in response to bashan)

I have already faced this problem with a non-Seam application. It seems to be a browser specific issue. I think it is related to FireFox 3, since I didn't have it on earlier FireFox versions (but I may be wrong...). Anyway, I simply solved it in the none-Seam application by replacing the @ with ~
. Is there a workaround for this problem in Seam? Is it a reported bug?

3. Re: Seam identity login

baobaotuo Jul 6, 2008 5:10 AM (in response to bashan)

I don't think so.

I get the same problem both in ie/Firefox2/Firefox3.
Other browsers haven't been checked yet.

Besides,I have told that the email saved in cookie is correct.

I'm using SEAM 2.0.2SP1.
Actions
4. Re: Seam identity login

michaelpan Jul 6, 2008 9:50 AM (in response to bashan)

I have the same question.
Actions
5. Re: Seam identity login

bashan Jul 7, 2008 12:41 AM (in response to bashan)

Hi,

Anything new with this issue?
Actions
6. Re: Seam identity login

nathandennis Jul 7, 2008 2:40 AM (in response to bashan)

you guys arent leaving jsf commented out in your xhtml files are you? the interpreter will instantiate things within a comment. it has bit me several times in project i am currently working on..... including but not limited to... over writing my passwords in entity object.
Actions
7. Re: Seam identity login

baobaotuo Jul 7, 2008 8:31 AM (in response to bashan)

you means i should remove all the  in the jsf file?

That's weird.

Althought I removed all the comment in the page, the bug is still there.

Waiting for the official reply.
Actions
8. Re: Seam identity login

shane.bryzak Jul 9, 2008 5:09 AM (in response to bashan)

I can't reproduce this. I tested with the Seamspace example, using shane@test.com as the username, and the cookie was persisted correctly, and also read back correctly into the Identity component. I'm using Firefox 3.
Actions
9. Re: Seam identity login

shane.bryzak Jul 9, 2008 5:10 AM (in response to bashan)

Oh and I should add that I'm also using latest SVN version of Seam. You may wish to try with the same version and see if the issue is still occurring.
Actions
10. Re: Seam identity login

bashan Jul 10, 2008 12:30 AM (in response to bashan)

I just put the latest version of Seam and it still doesn't work.
This is a weird problem, obviously it is not related to Seam but to the cookie mechanism.
I a non-Seam application that I have it just started happening one day about a month ago. I cannot point out what was changed that caused this behavior. It becomes weirder: when I put the non-Seam application in production, it all works well and cookie information is fetched correctly.

Currently the only think I can thing of is that the Antivirus/Firewall (Bitdefender) may be blocking things there, but it seams like a weak assumption... let me know (the others that have this problem) if you are also using Bitdefender... ;-)

Some other thing I wanted to know about this rememberMe feature: Shouldn't it automatically login the user? I go to login screen, put my details and login. Then I take down the webapp and raise it again. It doesn't do autologin. When I go back to the login screen I see the username field filled automatically.

Is there a way of making autologin in Seam (assuming the rememberMe shouldn't do it of course) ?

Thanks,
Guy.
Actions
11. Re: Seam identity login

shane.bryzak Jul 10, 2008 4:58 AM (in response to bashan)

The auto-login feature will only be available in Seam 2.1.0 (where it is still not a recommended practice due to the possibility of XSS attacks).
Actions
12. Re: Seam identity login

bashan Jul 10, 2008 9:40 AM (in response to bashan)

Is this feature already implemented in 2.1.0 (I am trying it now)?

Thanks,
Guy.
Actions
13. Re: Seam identity login

baobaotuo Jul 10, 2008 10:42 AM (in response to bashan)

I have tried this with firefox3.0,the bug is still there.

I will try the Seamspace example.
Actions
14. Re: Seam identity login

bashan Jul 10, 2008 9:12 PM (in response to bashan)

Anything came up the Seamspace example?
Actions

1 2 Previous Next

Go to original post