Can I use custom login module without extending any predefined login modules in WildFly SSO?
varunthadaka Aug 11, 2015 10:21 AMHello,
I'm trying to implement SSO in WildFly-8.2.0.Final.
In most of the documents provided related to WildFly SSO, they have given login module examples for UsersRoles, Database or custom login modules.
In custom login-module, is it required my login class(login manager for my application) to extend some predefined classes like 'UsernamePasswordLoginModule"?
Because I already have a login mechanism using seam security Identity for authentication. Can I use my login mechanism without extending UsernamePasswordLoginModule. If it is possible can anyone give example how it works?
In standalone.xml - security domain configuration is like:
<security-domain name="sso" cache-type="default">
<authentication>
<login-module code="com.company.LoginAction" flag="required">
</login-module>
</authentication>
</security-domain>
Below is my LoginAction class:
--------------------------------------
package com.company;
import java.util.List;
import javax.ejb.Stateless;
import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import org.jboss.seam.ScopeType;
import org.jboss.seam.security.Identity;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.JndiName;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Out;
import org.jboss.seam.contexts.Context;
import org.jboss.seam.ejb.SeamInterceptor;
@Stateless
@Name("login")
@JndiName(value="java:app/booking2/login/local")
public class LoginAction implements Login
{
@In
Identity identity;
@Out(scope=ScopeType.SESSION)
private BookingUser user;
@PersistenceContext
private EntityManager em;
@In
private transient Context sessionContext;
@In
private transient FacesContext facesContext;
public boolean login()
{
List<BookingUser> results = em.createQuery("select u from BookingUser u where username=:username and password=:password")
.setParameter("username", identity.getUsername())
.setParameter("password", identity.getPassword())
.getResultList();
if ( results.size()==0 )
{
facesContext.addMessage(null, new FacesMessage("Invalid login"));
return false;
}
else
{
user = results.get(0);
return true;
}
}
}
Regards,
Varun