3 Replies Latest reply on Dec 18, 2008 3:52 PM by emiakoup

    Authentication with identity management

    emiakoup
    emiakoup Dec 15, 2008 8:59 PM

      Hello,
      i ran into a little concern. I really want to use identity management. I have inheritence for Users. That is User is an abstract class and its children are different type of users. It basically has credentials (username, password and other option relevant to a user as a whole). Now how do i identityManagement.createUser? Since there could as many flows as types of users and for user-class i definately have to specify the User. I can always register a new user by persisting him/her to db, and then call identityManager.createUser? Would't second call return fallse? Having only one type of user for whole application would greatly complicate design. If you have any suggestions... 

        • 1. Re: Authentication with identity management
          shane.bryzak
          shane.bryzak Dec 15, 2008 10:38 PM (in response to emiakoup)

          You will need to extend JpaIdentityStore and override the createUser() method.  In particular, the following line will need to be changed to create an instance of the correct user type:



            Object user = userClass.newInstance();



            • Actions
          • 2. Re: Authentication with identity management
            shane.bryzak
            shane.bryzak Dec 15, 2008 10:39 PM (in response to emiakoup)

            Actually, if you'd like to raise a feature request in JIRA, I can probably abstract the user instance creation out to another method which can also raise some kind of event to allow you to manipulate the new object.

              • Actions
            • 3. Re: Authentication with identity management
              emiakoup
              emiakoup Dec 18, 2008 3:52 PM (in response to emiakoup)

              Hello,
              i raised a feature request - https://jira.jboss.org/jira/browse/JBSEAM-3846
              also i implemented this functionality (i posted the zip).
              i made three little modifications to:
              IdentityManager, IdentityStore and JpaIdentityStore. The application ran as expected. I did run into a validation problem: since password is hashed, length validator failed (i had 15 max set) so i set hash to none. But again i definately had to validate on input. Is there hashing algorithm that at the end there will be same number of characters?


              p.s i did not extend IdentityManager, IdentityStore and JpaIdentityStore since i would have to go through configuring new classes (how do i do this?) for a single method only. I decided to add methods instead. Please review it.

                • Actions