0 Replies Latest reply on Sep 6, 2009 11:04 AM by derkd

    Multiple identity stores

    derkd
    derkd Sep 6, 2009 11:04 AM

      Hi all,


      I have defined 2 identity stores because I have 2 different implementations of user who should login on my site.
      I defined the stores in 


      components.xml



      like this:




      <security:identity authenticate-method="#{authenticationManager.authenticate}"/>
   <security:jpa-identity-store name="jobSeekerIdentityStore"
   user-class="nu.anoniemsolliciteren.account.jobseeker.JobSeekerAccount" 
   role-class="nu.anoniemsolliciteren.account.role.Role"/>  
   
   <security:jpa-identity-store name="employerIdentityStore"
   user-class="nu.anoniemsolliciteren.account.employer.EmployerAccount" 
   role-class="nu.anoniemsolliciteren.account.role.Role"/>





      I also made an login method, it looks like this:



      @Transactional 
     public boolean authenticate() {
          log.info("authenticating {0}", credentials.getUsername());

          try {
//               currentAccount = jobSeekerAccountHome.getJobSeekerAccountByUserName(credentials.getUsername());
               log.debug("try to do a lookup with username: " + credentials.getUsername());
               currentAccount = (JobSeekerAccount) jobSeekerIdentityStore.lookupUser(credentials.getUsername());
               if(currentAccount == null) {
                    log.debug("We didn't found the user in the jobseekers table, now try employer with username: " + credentials.getUsername());
                    currentAccount = (EmployerAccount) employerIdentityStore.lookupUser(credentials.getUsername());
               }
               
               if(currentAccount == null){
                    log.debug("could not find currentAccount");
                    throw new NoResultException();
               }

               if (currentAccount.getUserRoles() != null) {
                    Set<Role> roles = (Set<Role>)currentAccount.getUserRoles();
                    for (Role role : roles) {
                         log.debug("try to add the role " + role.getName() + " to identity");
                         if(identity != null){
                              identity.addRole(role.getName());
                         }else{
                              log.debug("identity == null");
                              return false;
                         }
                    }
               }

               if (!validatePassword(credentials.getUsername(), credentials.getPassword(), currentAccount)) {
                    return false;
               }
               identity.addRole("member");
               return true;
          } catch (NoResultException e) {
               log.error(e);
               return false;
          }
     }





      But now I need to know what kind of user is trying to login in. I now search both identity stores to find a match but if both implementations have the samen username than this method won't work anymore. I hoped a hidden field would do the trick but can't find an example. How can I a hidden field to the backing bean? Or does someone knows a better solution?


      ps. my registration thing is based on thelabdude.blogspot.com/2009/05/updates-to-seam-user-registration.html


      regards,


      Derk