-
1. Re: Errai Security with PicketLink
mbarkley Feb 27, 2014 9:17 AM (in response to vwjugow)Hi Victor,
There are lots of changes happening with the Errai Security module right now. In fact, there were several changes published in the snapshot last night. Could you confirm whether your problem still occurs with the newest snapshots? (You may need to use the -U flag building with maven).
If you still have the problem, could you please post a code sample where you call Identity.login() and Identity.getUser() ?
Cheers.
-
2. Re: Errai Security with PicketLink
vwjugow Feb 27, 2014 9:33 AM (in response to mbarkley)I've started the same discussion in PicketLink forum.
Errai Security with Picketlink
As I said there, I removed Errai Security and this is still happening, so I guess it has nothing to do with it. I'll post the sample code there.
-
3. Re: Re: Errai Security with PicketLink
vwjugow Mar 27, 2014 2:52 PM (in response to vwjugow)Ok, so I'm starting again. I only want to try to make Errai Security manage the session. Is there any GOOD example about using Errai Security? I mean, an example that even tells what dependencies to add, shows import, because right now I'm basing on this page: errai/errai-security at master · errai/errai · GitHub and the sources there published.
This is what I did so far:
added these dependencies
<dependencyManagement> <dependencies> <dependency> <groupId>org.picketlink</groupId> <artifactId>picketlink-javaee-6.0</artifactId> <type>pom</type> <scope>import</scope> <version>${version.picketlink.javaee.bom}</version> </dependency> </dependencies> </dependencyManagement> .... <dependency> <groupId>org.jboss.errai</groupId> <artifactId>errai-security</artifactId> <version>3.0-SNAPSHOT</version> </dependency> <dependency> <groupId>org.picketlink</groupId> <artifactId>picketlink-api</artifactId> <version>2.6.0.CR1</version> <scope>compile</scope> </dependency> <dependency> <groupId>org.picketlink</groupId> <artifactId>picketlink-impl</artifactId> <version>2.6.0.CR1</version> <scope>runtime</scope> </dependency>
Created this class
package app.server.helper.impl; import app.client.shared.exception.AuthenticationException; import app.server.persistence.UserDAO; import com.magick.models.shared.User; import org.jboss.errai.bus.server.annotations.Service; import org.jboss.errai.common.client.PageRequest; import org.jboss.errai.security.shared.AuthenticationService; import org.jboss.errai.security.shared.Role; import org.mindrot.jbcrypt.BCrypt; import org.picketlink.Identity; import org.picketlink.credential.DefaultLoginCredentials; import org.picketlink.idm.credential.Password; import javax.enterprise.context.ApplicationScoped; import javax.enterprise.event.Event; import javax.inject.Inject; import java.util.ArrayList; import java.util.HashSet; import java.util.List; import java.util.Set; /** * @author Victor Wjugow :D * @since 2/24/14 2:47 PM */ @Service @ApplicationScoped class MagickAuthenticationServiceImple implements AuthenticationService { @Inject private Identity identity; @Inject DefaultLoginCredentials credentials; @Inject UserDAO userDAO; @Inject private Event<User> userEvent; @Override public org.jboss.errai.security.shared.User login(String username, String password) { credentials.setUserId(username); credentials.setCredential(new Password(password)); User user = userDAO.fetchUserByName(credentials.getUserId()); if (!BCrypt.checkpw(credentials.getPassword(), user.getPasswordHash())) { throw new AuthenticationException("Failure in authentication"); } if (identity.login() != Identity.AuthenticationResult.SUCCESS) { throw new AuthenticationException("ASDASDASDASDASD"); } userEvent.fire(user); return new org.jboss.errai.security.shared.User(username); } @Override public boolean isLoggedIn() { return identity.isLoggedIn(); } @Override public void logout() { identity.logout(); } @Override public org.jboss.errai.security.shared.User getUser() { return createUser((org.picketlink.idm.model.basic.User) identity.getAccount(), new HashSet<Role>()); } private org.jboss.errai.security.shared.User createUser(org.picketlink.idm.model.basic.User picketLinkUser, Set<Role> roles) { org.jboss.errai.security.shared.User user = new org.jboss.errai.security.shared.User(); user.setLoginName(picketLinkUser.getLoginName()); // user.setLastName(picketLinkUser.getLastName()); // user.setFirstName(picketLinkUser.getFirstName()); user.setEmail(picketLinkUser.getEmail()); // user.setRoles(roles); return user; } @Override public List<Role> getRoles() { return new ArrayList<>(); } @Override public boolean hasPermission(PageRequest pageRequest) { return true; } }
copied the login page from this example errai/errai-security at master · errai/errai · GitHub
Added
<inherits name="org.jboss.errai.security.Security"/>
to App.gwt.xml
And that's it. When I compile with mvn install I get http://pastebin.com/AXQYBEZX
-
4. Re: Re: Errai Security with PicketLink
mbarkley Mar 28, 2014 2:50 PM (in response to vwjugow)The error message you posted suggests that you are referencing picketlink's PermissionResolver from client-side code. Errai Security doesn't allow you to reference picketlink classes from client-code. It is meant to be a thin wrapper, where you would use the Errai Security classes in your client and shared code.
Regarding more guidance, you should check out the security sections in the documentation. The last section on configuration explains what you need to add to your pom.xml and beans.xml to make Errai Security work.
-
5. Re: Errai Security with PicketLink
vwjugow Mar 31, 2014 11:05 AM (in response to mbarkley)Thanks Max. I wasn't referencing any Picketlink class from the client. The problem was fixed when I copied the right dependencies from the documentation you provided, so it compiles now. I coulnd't make it run yet because of having 2 implementations for AuthenticatorService (Errai's and one of my own) I'll get back to you as soon as I have a little more time to work on this.
-
6. Re: Errai Security with PicketLink
vwjugow Apr 1, 2014 10:58 AM (in response to mbarkley)Hi Max, I'm testing with everything just like in the documentation. App compiles and runs, but it's throwing AuthenticationException when trying to login with john:123
I debugged and the create() method in the @Startup PicketLinkDefaultUsers class isn't being called although it's a @Postconstruct method. So no instance of this class is being created. Why can this be happening? My @Startup classes don't get instantiated.
EDIT: Could it be that Jetty doesn't support @Startup since it's a EJB annotation?
-
7. Re: Errai Security with PicketLink
mbarkley Apr 2, 2014 4:19 PM (in response to vwjugow)EDIT: Could it be that Jetty doesn't support @Startup since it's a EJB annotation?
That seems like a viable cause. I'm not sure what the best solution on Jetty would be.
-
8. Re: Errai Security with PicketLink
vwjugow Apr 3, 2014 11:06 AM (in response to mbarkley)If I try on Jboss I get:
Caused by: java.lang.ClassNotFoundException: org.jboss.errai.security.client.local.identity.Identity from [Module "deployment.webapp.war:main" from Service Module Loader]
at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:190)
at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:468)
at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:456)
at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:398)
at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:120)
... 30 more
I tried adding the modules (client, server, picketlink) to jboss but still get this. Although I haven't set the dependencies for each one inside the module.xml .. Is there any help guide on doing this? Or should this be working without configuring any modules ?
-
9. Re: Errai Security with PicketLink
mbarkley Apr 3, 2014 11:16 AM (in response to vwjugow)Caused by: java.lang.ClassNotFoundException: org.jboss.errai.security.client.local.identity.Identity from [Module "deployment.webapp.war:main" from Service Module Loader]
The Identity class is client-only. Basically any class in errai-security-client should not be referenced from shared code.
Although I haven't set the dependencies for each one inside the module.xml
The problem is likely unrelated. Focus on making sure that your client-only classes are not inadvertently referenced from server-side or shared code.
-
10. Re: Errai Security with PicketLink
vwjugow Apr 7, 2014 2:09 PM (in response to mbarkley)Max, unfortunately I haven't found any usage of Identity in Shared code.
I've uploaded a demo project that reproduces the issue to git@bitbucket.org:vwjugow/errar-security-issue.git / https://vwjugow@bitbucket.org/vwjugow/errar-security-issue.git
steps after import:
configure your jboss credentials in pom.xml (in the properties)
mvn clean
mvn install -Dmaven.test.skip=true -Derrai.compile.perf.perform_reachability_analysis=true -Pjboss7
run jboss (I'm running a 7.1.1 wildfly)
mvn gwt:run -Denvironment=dev -Pjboss7
After this, you can see in the jboss console that it throws
Caused by: java.lang.NoClassDefFoundError: Lorg/jboss/errai/security/client/local/identity/Identity;
-
11. Re: Errai Security with PicketLink
mbarkley Apr 8, 2014 10:44 AM (in response to vwjugow)Victor,
I can't compile your demo because maven can't resolve this dependency: com.magick:models:jar:0.2.0-Final
-
12. Re: Errai Security with PicketLink
vwjugow Apr 8, 2014 11:21 AM (in response to mbarkley)Oh I'm really sorry. Completely forgot about that.
You can pull again now, it should compile just fine.
Before compiling thought, if you are not using chrome check the App.gwt.xml because I've set it to only compile for Chrome's agent (safari)
And, instead of running mvn gwt:run -Denvironment=dev -Pjboss7 you can just deploy the generated war (it should be in target folder inside project) from the Jboss console page usually at http://localhost:9990/ guess you already knew this though haha.
Thanks for helping me with this !
-
13. Re: Re: Errai Security with PicketLink
mbarkley Apr 8, 2014 1:51 PM (in response to vwjugow)1 of 1 people found this helpfulVictor,
The class that wasn't loading (Login) was in a client.local package, so it shouldn't be deployed to the server in the first place. Here's a maven-war-plugin configuration that excludes classes in a client.local package from packaged war files:
<plugin> <artifactId>maven-war-plugin</artifactId> <configuration> <failOnMissingWebXml>false</failOnMissingWebXml> <warName>${project.artifactId}</warName> <packagingExcludes>**/javax/**/*.*,**/client/local/**/*.class</packagingExcludes> <warSourceExcludes>WEB-INF/web.xml</warSourceExcludes> </configuration> </plugin>
-
14. Re: Errai Security with PicketLink
vwjugow Apr 9, 2014 10:09 AM (in response to mbarkley)Thanks Max, that seems to have helped.
I'm now getting http://pastebin.com/WAAaB2Fb . I googled and found http://stackoverflow.com/questions/7068148/resteasy-cdi-getting-duplicate-context-initialization-parameter-resteasy-inje , tried solutions there but couldn't make it work. If you pull again you'll see the changes.
I tried removing errai-security and picketlink dependencies and the app starts (with an error http://pastebin.com/0WeU2v8Q but starts) .. so my guess is that picketlink uses resteasy and breaks the deployment to jboss any ideas on this ?
I'm using these dep:
<dependency>
<groupId>org.jboss.errai</groupId>
<artifactId>errai-security-server</artifactId>
<version>${errai.version}</version>
</dependency>
<dependency>
<groupId>org.jboss.errai</groupId>
<artifactId>errai-security-client</artifactId>
<scope>provided</scope>
<version>${errai.version}</version>
</dependency>
<dependency>
<groupId>org.jboss.errai</groupId>
<artifactId>errai-security-picketlink</artifactId>
<version>${errai.version}</version>
</dependency>