1 Reply Latest reply on Sep 3, 2012 11:56 PM by brieweb

Where do I put actor.setId when using jaas authentication?

brieweb Aug 6, 2012 7:58 PM

If I look at the todo example, it sets the actor id in the authenticator bean. But, when I switch to using JBoss' jaas authentication, I just put the following in my components.xml and it does the authentication for me. Where can I put the actor.setId?

brian

old way of referencing authenticator.

<security:identity authenticate-method="#{authenticator.authenticate}" remember-me="true"/>

New way. But now I don't have a class to put the actor.setId in.

<security:identity jaas-config-name="example" remember-me="true"/>

Old java class follows.

package dastuff.action;

import javax.ejb.Stateless;

import org.jboss.seam.annotations.In;

import org.jboss.seam.annotations.Logger;

import org.jboss.seam.annotations.Name;

import org.jboss.seam.bpm.Actor;

import org.jboss.seam.log.Log;

import org.jboss.seam.security.Credentials;

import org.jboss.seam.security.Identity;

@Stateless

@Name("authenticator")

public class AuthenticatorBean implements Authenticator {

@Logger

private Log log;

@In

Identity identity;

@In

Credentials credentials;

@In

private Actor actor;

public boolean authenticate() {

log.info("authenticating {0}", credentials.getUsername());

//write your authentication logic here,

//return true if the authentication was

//successful, false otherwise

if ("admin".equals(credentials.getUsername())) {

identity.addRole("admin");

actor.setId("admin");

return true;

} else if ("brian".equals(credentials.getUsername())) {

identity.addRole("admin");

actor.setId("brian");

return true;

} else if ("prasanna".equals(credentials.getUsername())) {

identity.addRole("admin");

actor.setId("prasanna");

return true;

}

return false;

}

1. Re: Where do I put actor.setId when using jaas authentication?

brieweb Sep 3, 2012 11:56 PM (in response to brieweb)

I added the following to components.xml and it worked.

<event type="org.jboss.seam.security.postAuthenticate">
    <action execute="#{authenticator.authenticate}"/>
</event>

Changed the authenticator bean to work as the postAuthenticate bean. I hope this doesn't create confusion.

import java.util.Enumeration;
import java.util.Iterator;

import javax.ejb.Stateless;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Logger;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.bpm.Actor;
import org.jboss.seam.log.Log;
import org.jboss.seam.security.Credentials;
import org.jboss.seam.security.Identity;
import org.jboss.seam.security.SimpleGroup;
import org.jboss.seam.security.SimplePrincipal;

@Stateless
@Name("authenticator")
public class AuthenticatorBean implements Authenticator
{
    @Logger private Log log;

    @In Identity identity;
    @In Credentials credentials;

    @In private Actor actor;

    public boolean authenticate()
    {
        log.info("authenticating {0}", identity.getPrincipal().getName());
        //actor.setId(identity.getUsername());
        actor.setId(identity.getPrincipal().getName());
        Iterator principleItr = identity.getSubject().getPrincipals().iterator();
        while(principleItr.hasNext()){
            Object principle = principleItr.next();
            if (principle instanceof SimpleGroup){
                SimpleGroup simpleGroup = (SimpleGroup) principle;
                Enumeration simpleGroupMembers = simpleGroup.members();
                while(simpleGroupMembers.hasMoreElements()){
                    SimplePrincipal aPrincipal = (SimplePrincipal)simpleGroupMembers.nextElement();
                    actor.getGroupActorIds().add(aPrincipal.getName());
                }
            }
        }
        return true;
    }
}
Actions