2 Replies Latest reply on Jun 7, 2007 5:18 AM by gonzalad

    Integrating Seam Security with 3rd party

    gonzalad Apprentice

      Hello,

      I have a problem overloading org.jboss.seam.security.Identity class, I would need to overload the subject - and this needs some modification in Seam Identity class.

      Could this change be planned for a future release ?

      My purpose is to integrate Seam security with Acegi (or another security system). So far, no problem (we didn't have Jaas Login Module, but just inherited from Identity), prototype is functional.

      The main problem now is that the subject field of class Identity is private and that the class access it directly and not via the public getter [1].

      Could there be a change in Identity class in order to alway access subject from it's getter so I can overload the getter method ?

      Thanks

      i.e. - extract from version 1.2.0.PATCH1 :

      protected void unAuthenticate()
      {
       for ( Group sg : subject.getPrincipals(Group.class) )
       {
       if ( ROLES_GROUP.equals( sg.getName() ) )
       {
       subject.getPrincipals().remove(sg);
       break;
       }
       }
      }


      I woud like sthing like :
      protected void unAuthenticate()
      {
       for ( Group sg : getSubject().getPrincipals(Group.class) )
       {
       if ( ROLES_GROUP.equals( sg.getName() ) )
       {
       getSubject().getPrincipals().remove(sg);
       break;
       }
       }
      }


      My purpose is afterward to overload getSubject with sthing like :
      public Subject getSubject() {
       return SeamAcegiAdapter.getSubject();
      }


      [1] In detail : login via a Seam JSF page isn't the problem. I've made it with the current version of Seam. My overloaded Identity calls Acegi authenticationManager authenticate method. So far, so good.
      My problem is now I want to log via SSO or X509 mechanism using acegi filter. In this case, Acegi authentication is called but not Seam authentication.
      One solution would be to make a callback from Acegi authentication to Seam, but it doesn't seem to be the good solution.
      The other solution would be to use the Acegi subject from seam by REFERENCE -> so my need to overload the subject getter in Seam Identity class.