-
1. Re: Seam Pros - Need advice....
dan.j.allen Nov 5, 2008 7:44 PM (in response to indyjones2)
You don't need to activate it in components.xml. If you are writing a custom implementation for a built-in Seam component, you simply allow it to be installed (the default) and it will override the built-in name. The only reason you have to enable the built-in Seam implementations (ldap or jpa) is because Seam leaves it open as to which one you will use (hence, they are not installed by default). Here is how you would define your component:
    @Name("org.jboss.seam.security.identityStore")
    @Scope(APPLICATION)
    @BypassInterceptors
    public class ActiveDirectoryIdentityStore implements IdentityStore, Serializable {
        ...
    }
That definition implies the following:
    @Install(precedence = Install.FRAMEWORK, value = true)
If you would rather make it not installed by default (@Install(false)) and instead enable it in components.xml, you can simply use a generic component definition:
<component name="org.jboss.seam.security.identityStore" class="com.componyname.ActiveDirectoryIdentityStore"/>
-
2. Re: Seam Pros - Need advice....
indyjones2 Nov 5, 2008 8:14 PM (in response to indyjones2)
Thanks so much!
I got one more thing to bother ya with....
If I enabled my custom implementation through the components.xml, how hard is it to add configuration parameters?
Example:
<component name="org.jboss.seam.security.identityStore" class="com.componyname.ActiveDirectoryIdentityStore" url="1.1.1.1" />
-
3. Re: Seam Pros - Need advice....
shane.bryzak Nov 5, 2008 11:41 PM (in response to indyjones2)
You shouldn't need to write your own IdentityStore; it should just be a matter of configuring LdapIdentityStore correctly to connect to your Active Directory server.
-
4. Re: Seam Pros - Need advice....
indyjones2 Nov 6, 2008 5:15 PM (in response to indyjones2)
Works perfectly....
I did the following...
1. Create Java Class Implementing org.jboss.seam.security.management.IdentityStore
2. Method authenticate() looks like this...
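    // Needs java.util.Hashtable, javax.naming.Context, javax.naming.NamingException,
    // javax.naming.directory.DirContext and javax.naming.directory.InitialDirContext
    try {
        // Environment for the JNDI LDAP provider
        Hashtable env = new Hashtable();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "LDAP://server:389");
        env.put(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5");
        env.put(Context.SECURITY_PRINCIPAL, username);
        env.put(Context.SECURITY_CREDENTIALS, password);
        // Creating the context performs the bind with the supplied credentials
        DirContext ctx = new InitialDirContext(env);
        ctx.close();
    } catch (NamingException ne) {
        // Bind refused or directory unreachable
        return false;
    } catch (Exception e) {
        return false;
    }
    return true;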
3. I wanted to be able to decide when to use this authentication or not...so I modified my components.xml with the following:
<component name="org.jboss.seam.security.identityStore" class="com.componyname.ActiveDirectoryIdentityStore"/>
4. Will now authenticate through Active Directory
Now I will add the elements to my component xml and I am off and running....
thanks
indy
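Added example, not part of the thread and not Seam code: the same JNDI bind check written so that blank credentials are refused before any bind, the context is always closed, and a directory outage is not reported as a failed login. The class name `DirectoryBindCheck`, the `serverUrl` property, the timeout value and the placeholder host are assumptions made for illustration.

```java
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

// Hypothetical stand-alone helper (not a Seam class); the bind logic mirrors the post above.
public class DirectoryBindCheck {
    private String serverUrl; // hypothetical property, e.g. set through a <property> element in components.xml

    public void setServerUrl(String serverUrl) { this.serverUrl = serverUrl; }

    /** Returns true only when the directory accepts the bind for these credentials. */
    public boolean authenticate(String username, String password) throws NamingException {
        // Refuse blank input locally: with a simple bind, an empty password is an
        // unauthenticated bind that many servers accept, so it must never count as a login.
        if (username == null || username.trim().isEmpty()
                || password == null || password.isEmpty()) {
            return false;
        }
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, serverUrl);
        env.put(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5");
        env.put(Context.SECURITY_PRINCIPAL, username);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put("com.sun.jndi.ldap.connect.timeout", "5000"); // ms; fail fast if unreachable
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env); // the bind happens here
            return true;
        } catch (AuthenticationException rejected) {
            // Credentials refused. Any other NamingException (server down, bad URL)
            // propagates, so an outage is logged as an outage, not as a bad password.
            return false;
        } finally {
            if (ctx != null) {
                ctx.close();
            }
        }
    }

    public static void main(String[] args) throws NamingException {
        DirectoryBindCheck check = new DirectoryBindCheck();
        check.setServerUrl("ldap://directory.example.invalid:389"); // constructed placeholder
        System.out.println(check.authenticate("alice", "")); // false, no network call made
    }
}
```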
-
5. Re: Seam Pros - Need advice....
traviskds Nov 19, 2008 3:18 AM (in response to indyjones2)
Can someone please point me to any resource on how to configure the LdapIdentityStore with Active Directory? I have been searching on this for a while and haven't seen a complete post similar to what Shane did with OpenLDAP. I have JXplorer, and a post that shows which Active Directory attribute maps to which Seam configuration attribute would be great. I think I am getting errors due to the roles concept, which Active Directory does not have and uses groups instead.