5 Replies Latest reply on May 15, 2008 7:52 PM by Bill Evans

    Extending Identity is problematic

    Bill Evans Newbie

      I have created an Object that extends the Identity class, to give it custom attributes. Everything works fine except that the following does not work:



       <page view-id="/main/main.xhtml" login-required="true"/>  


       


      I think the reason lies in pages.java where it checks to see if login redirect is required:



      private boolean isLoginRedirectRequired(String viewId, Page page)
         {
            return page.isLoginRequired() && 
                  !viewId.equals( getLoginViewId() ) && 
                  !Identity.instance().isLoggedIn();
         }




      The call to Identity instance() method effectively bypasses my implementation of Identity and always returns false.


      Is this a known problem and if not why not?

        • 1. Re: Extending Identity is problematic
          Shane Bryzak Master

          Could you post the code for your identity class?

          • 2. Re: Extending Identity is problematic
            Bill Evans Newbie

            I'll do better, I show you the code that doesn't work and what I did to fix it:


            First this doesn't work (in the aspect I described before):



            @Name("identity")
            @Scope(ScopeType.SESSION)
            public class GuardianIdentity extends Identity {
            
                 @In Messages gaMessages;
                 @In FacesMessages facesMessages;
                 @In(scope=ScopeType.APPLICATION) ConfigurationMgr configMgr;
                 @In(scope=ScopeType.APPLICATION) QueryManager raQueryMgr;
                 
                 @Out(required=false)
                 private RiskAppUser user;     
                 private HostService hostSvc;
                 private long loginTime;
                 
                 /**
                  * Constructor
                  */
                 public GuardianIdentity() {
                 }
                      
                 /** 
                  * @see org.jboss.seam.security.Identity#login()
                  */
                 public String login() {
                      try {
                           this.loginTime = System.currentTimeMillis();
                           //
                           authenticate();
                           //
                           this.raQueryMgr.onUserLogon(this);
                           return "loggedIn";
                      }
                      catch (LoginException ex) {
                           if (Events.exists())
                                Events.instance().raiseEvent(EVENT_LOGIN_FAILED, ex);
                           return null;
                      }
                 }
                 /** 
                  * @see org.jboss.seam.security.Identity#logout()
                  */
                 public void logout() {
                      this.raQueryMgr.onUserLogout(this);
                      super.logout();
                 }
                 
            }
            



            Now, how I fixed it, basically through delegation:




            @Name("raIdentity")
            @Scope(ScopeType.SESSION)
            public class GuardianIdentity extends Identity {
            
                 @In Messages gaMessages;
                 @In FacesMessages facesMessages;
                 @In(scope=ScopeType.APPLICATION) ConfigurationMgr configMgr;
                 @In(scope=ScopeType.APPLICATION) QueryManager raQueryMgr;
            
                 // BIG NOTE: Delegation is the name of the game (i.e. we can't inherit). 
                 // Reason is that Seam likes to reference Identity by class! 
                 // See Pages.isLoginRedirectRequired and follow path. It messes up redirects. 
                    @In(create=true) 
                    private Identity identity;               
                           
                 @Out(required=false)
                 private RiskAppUser user;
                 
                 private HostService hostSvc;
                 //
                 //     The loginTime is used to identify the instance, assuming same user can login multiple times.
                 //
                 private long loginTime;
                 
                 /**
                  * Constructor
                  */
                 public GuardianIdentity() {
                 }
                 
                 
                 /** 
                  * @see org.jboss.seam.security.Identity#login()
                  */
                 public String login() {
                      //
                      this.loginTime = System.currentTimeMillis();
                      //
                      String result = this.identity.login();
                      if (result != null) {
                           this.getRaQueryMgr().onUserLogon(this);
                      }
                      return result;          
                 }
                 /** 
                  * @see org.jboss.seam.security.Identity#logout()
                  */
                 public void logout() {
                      this.identity.logout();
                      this.getRaQueryMgr().onUserLogout(this);
                 }
                 
            
                 /** 
                  * @see org.jboss.seam.security.Identity#addRole(java.lang.String)
                  */
                 public boolean addRole(String role) {
                      return this.identity.addRole(role);
                 }
            
                    ... And all the other public methods delegated to....
            
                 /** 
                  * @see org.jboss.seam.security.Identity#setUsername(java.lang.String)
                  */
                 public void setUsername(String username) {
                      this.identity.setUsername(username);
                 }
                 
            }


            • 3. Re: Extending Identity is problematic
              Shane Bryzak Master

              The name is wrong, it should be org.jboss.seam.security.identity.  There's actually a section in the security chapter of the ref docs that describe how to correctly extend the Identity component:


              http://docs.jboss.com/seam/latest/reference/en/html/security.html#d0e8142

              • 4. Re: Extending Identity is problematic
                Bill Evans Newbie

                Ahhhh, interesting.... ok, I'll try that - thanks!

                • 5. Re: Extending Identity is problematic
                  Bill Evans Newbie

                  Shane,
                  I did as you recommended and after some other tweaks got it working. Thank you very much for your help - guess, next time I should study the manual more carefully!