I have a Seam application that have to use an external one to login. The logic is as follows:

- My app sends user to external SSO URL
- User provides credentials there and what it takes
- On success, the external app redirects user back to my app with a random token
- My code should contact the external app via HTTP with the passed token and get complete user information in return

Pretty straightforward. But I'm stuck.

The redirect is coming to /seam/resources/token. I was intended to get Identity from the session, populate it with token, and authenticate. But in the resource handler the user session is apparently not visible: session context is null. :(

I tried to do LifeCycle.beginCall there, and it works in a sense: authentication logic works, but the result never get available to the user (user's session still has empty Identity).

What do I do wrong?

P.S. Here is more or less complete code of my resource handler. Logging and other unrelated stuff removed for brevety.

@Scope(ScopeType.APPLICATION)
@Name("tokenResource")
// @BypassInterceptors
public class TokenResource extends AbstractResource {
    @Override
    public String getResourcePath() {
        return "/token";
    }

    @Override
    public void getResource(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
         String token = request.getParameter("token");

        // woot?
         Lifecycle.beginCall();
         
         Identity identity = Identity.instance(); 
         MyIdentity mid = (MyIdentity) identity;
         mid.setToken(token);
         mid.login();
        
        response.sendRedirect("/home.seam");
    }
}