5 Replies Latest reply on Mar 12, 2009 6:49 PM by gholmer

can't authenticate

gholmer Mar 9, 2009 4:46 PM

I'm learning Seam authentication, but my authenticate method isn't being called (breakpoint not hit). If I go to "index.html" (i.e. index.xhtml), I'm redirected to the login page, but when I log in, I just get a "Login failed" message. This is what I've done (Seam 2.1.1 on GlassFish):

1) created an authentication class:

@Stateless
@Name("authenticator")
public class CsiAuthenticator implements CsiAuthenticatorLocal {
@Override
public boolean authenticate() {

2) created a login form:

<ice:inputText id="csiuser" value="#{credentials.username}"/>
<ice:inputSecret id="csipassword" value="#{credentials.password}"/>
<ice:commandButton value="Login" action="#{identity.login}"/>

3) declared login view, declared main page as requiring login:

<?xml version="1.0" encoding="UTF-8"?>
<pages xmlns="http://jboss.com/products/seam/pages"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://jboss.com/products/seam/pages
       http://jboss.com/products/seam/pages-2.1.xsd"
       login-view-id="/login.xhtml">
<page view-id="/index.xhtml" login-required="true"/>
<navigation from-action="#{identity.login}">
    <rule if-outcome="loggedIn">
      <redirect view-id="/index.xhtml"/>
    </rule>
</navigation>
</pages>

4) declared the authenticator in components.xml:

<security:identity authenticate-method="#{authenticator.authenticate}"/>

Where might I have gone wrong?

1. Re: can't authenticate

swd847 Mar 10, 2009 8:39 AM (in response to gholmer)

Is there any exception being thrown during the login process?
Actions
2. Re: can't authenticate

odomitchi Mar 10, 2009 3:53 PM (in response to gholmer)

Have you found a solution? I am having the exact same problem. And no, I do not see an exception thrown or error. The seam documentation says "org.jboss.seam.loginFailed: This message is produced when the login process fails, either because the user provided an incorrect username or password, or because authentication failed in some other way. " which suggests something else in the process has failed but nowhere in the documentation does it mention what it could be. I review my code and can't seem to find where I have gone wrong neither. (I notice we are both using Identity credentials)

1) components.xml

<security:identity authenticate-method="#{authenticator.authenticate}" remember-me="true"/>

2) Authenticator.java

`@Name("authenticator")
public class Authenticator {
        @Logger
        Log log;

    @In
    Credentials credentials;

        @In
        Identity identity;

        public boolean authenticate() {
                log.info("authenticating #0 ", credentials.getUsername());
        System.out.println("username " + credentials.getUsername() + " and password " + credentials.getPassword());
                identity.addRole("admin");
                return true;
        }
}`

3) login.xhtml

`
<div class="dialog">
        <h:panelGrid columns="2" rowClasses="prop" columnClasses="name,value">
        <h:outputLabel for="username">Username</h:outputLabel>
        <h:inputText id="username" value="#{credentials.username}"/>
        <h:outputLabel for="password">Password</h:outputLabel>
        <h:inputSecret id="password" value="#{credentials.password}"/>
        <h:outputLabel for="rememberMe">Remember me</h:outputLabel>
        <h:selectBooleanCheckbox id="rememberMe" value="#{identity.rememberMe}"/>
        </h:panelGrid>
</div>
`

Please help!
Actions
3. Re: can't authenticate

odomitchi Mar 10, 2009 3:56 PM (in response to gholmer)

the code I copied for login.xhtml isn't complete above. continued...

<div class="actionButtons">
<h:commandButton id="login" value="Login" action="#{identity.login}"/>
</div>
Actions
4. Re: can't authenticate

gholmer Mar 10, 2009 9:37 PM (in response to gholmer)
Stuart Douglas wrote on Mar 10, 2009 08:39:

Is there any exception being thrown during the login process?

It looks like it was a problem with the way I was testing it; putting a logout button on the main page helped find that. I'm getting redirected to the login page and it's calling my authenticate method.

But now my problem is that I can't figure out how to automatically redirect back to the original page request. My first draft had

<navigation from-action="#{identity.login}"> <rule if-outcome="loggedIn"> <redirect view-id="/index.xhtml"/> </rule> </navigation>

in the page descriptor; I removed that and added

<event type="org.jboss.seam.security.notLoggedIn"> <action execute="#{redirect.captureCurrentView}"/> </event> <event type="org.jboss.seam/security.postAuthenticate"> <action execute="#{redirect.returnToCapturedView}"/> </event>

to the component descriptor, but I still stay on the login screen with the Welcome, username message after being authenticated. Have I missed a step?
Actions
5. Re: can't authenticate

gholmer Mar 12, 2009 6:49 PM (in response to gholmer)
Stuart Douglas wrote on Mar 10, 2009 08:39:

Is there any exception being thrown during the login process?

I thought I was past this point, but I guess not. I am not seeing any exceptions, just a log message saying

...severity=(INFO 0), summary=(Login failed)...

and my auth method does not get called.

Sometimes it works and sometimes it just stops working. At first I thought it was how I was testing: not logging out again, not clearing cookies, etc. But at this point it's clear that I'm doing something seriously wrong.

Anybody have any ideas? (When authentication works, I still can't make the redirect back to the original page work, either.)
Actions

Go to original post