Hi Erik,

Did you ever make any progress on this issue?

I hope you get a chance to post your code here or in the Liferay forums...  That would be great!  And if you have any additional progress, please detail it.

Another issue that I've been thinking about is I have a lot of entities that reference the user entity.  I'm sure there's an entity in Liferay that holds the user info (id, username, password).  I'm currently using Seam, ICEfaces, and JPA...  What would I need to do to reference the Liferay user entity, especially since the entity probably will not be managed by JPA?

Since the user logs into the portal, you can find that user by returning a com.liferay.portal.model.User object from

FacesContext fc=FacesContext.getCurrentInstance();
ExternalContext ec = FacesContext.getCurrentInstance();
String portletUser = ec.getPortletUser();

com.liferay.portal.model.User currentUser=(com.liferay.portal.model.User)UserLocalServiceUtil.getUserById(Long.parseLong(portletUser));

Hope this is what you were referring to and that it helps.  This returns the user object that is logged into the Liferay portal.

Thanks for that snippet of code Judy.  I think that will help in a few ways as I start integrating my ICEfaces/Seam app with Liferay.

Nonetheless, that is not the crux of my problem.  I'll have a set of entities that uses JPA - i.e. I'll have a bunch of JPA entity classes.  Because I haven't started using Liferay yet (I'm only using Seam and ICEfaces right now), I have a JPA entity class that represents a user.  Most (actually, I believe all) of my other entity classes reference this User entity class.  For example, my other entities class have a createdby field that references the User entity.

However, I can foresee an issue when I add my code to Liferay.  There will be a few issues:

• I want to use Liferay's authentication mechanisms


• I also want to keep Seam Security and its features


• I want to use JPA wherever possible

The question is - how will my JPA entities reference Liferay's user entity(ies) which are probably not JPA entities?  This is probably a generic question - how does one deal with non-JPA entities in a JPA entity world?  Would I need to rewrite my JPA entities to reference non-JPA entities?  Is this even possible?  What would I need to do (or write additional code) to use Seam Security in Liferay?

I've looked into this issue some more.  My requirements have changed slightly - I now plan to use Liferay's login mechanism - its User entity.  So when a user logs in via Liferay, it would be nice if I could force an Identity component login (and perhaps outject a JBPM actor component).

I was trying to use the Liferay hooks to do this, implementing a listener for the postlogin event but this wasn't working for me.  Here's my following implementation of Liferay's Action class:

package test;

import java.io.Serializable;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.jboss.seam.bpm.Actor;
import org.jboss.seam.contexts.Contexts;
import org.jboss.seam.contexts.Lifecycle;
import org.jboss.seam.security.Identity;

import com.liferay.portal.PortalException;
import com.liferay.portal.SystemException;
import com.liferay.portal.kernel.events.Action;
import com.liferay.portal.kernel.events.ActionException;
import com.liferay.portal.model.Role;
import com.liferay.portal.service.UserLocalServiceUtil;

public class PostLogin extends Action implements Serializable {
     private static final long serialVersionUID = 7597914798087405678L;

     @Override
     public void run(HttpServletRequest arg0, HttpServletResponse arg1)
               throws ActionException {

          Lifecycle.beginCall();

          try {
               Identity identity = Identity.instance();
               identity.acceptExternallyAuthenticatedPrincipal(arg0
                         .getUserPrincipal());

               // Set actor for JBoss JBPM
               Actor actor = Actor.instance();
               actor.setId(arg0.getUserPrincipal().getName());

               if (UserLocalServiceUtil.getUser(
                         Long.parseLong(arg0.getUserPrincipal().getName()))
                         .getRoles() != null) {
                    for (Role mr : UserLocalServiceUtil.getUser(
                              Long.parseLong(arg0.getUserPrincipal().getName()))
                              .getRoles()) {
                         identity.addRole(mr.getName());
                         actor.getGroupActorIds().add(mr.getName());
                    }
               }

               Contexts.getSessionContext().set("identity", identity);
               Contexts.getSessionContext().set("actor", actor);
          } catch (NumberFormatException e) {
               // TODO Auto-generated catch block
               e.printStackTrace();
          } catch (PortalException e) {
               // TODO Auto-generated catch block
               e.printStackTrace();
          } catch (SystemException e) {
               // TODO Auto-generated catch block
               e.printStackTrace();
          }
          Lifecycle.endCall();
     }
}

This doesn't seem to work - it doesn't throw any exceptions though.  It looks as though the session isn't started until one views a Seam portlet - thus the outjection of the identity component somehow gets lost and the identity component is created anew when the portlet is accessed.

Does anyone have any additional ideas for an easy integration?  I've also thought about creating an httpsessionlistener, but I'm not sure how to get the user principal from the HttpSessionEvent object.  I'm thinking there are probably other methods available, but I wanted to use easier ways of getting the user principal info into the corresponding Identity component.

I am also searching this......... Thanks