6 Replies Latest reply on Apr 16, 2009 11:52 AM by Frank Cornelis

    Seam Authentication using eID token

    Frank Cornelis Apprentice

      I'm using my eID card to login to JBoss Seam. So we have some pages protected via pages.xml


      <page view-id="/admin/admin.xhtml">
          <restrict>#{s:hasRole('admin')}</restrict>
      </page>



      And via


      <exception class="org.jboss.seam.security.NotLoggedInException">
          <redirect view-id="/login.xhtml">
              <message>You must be logged in to perform this action</message>
          </redirect>
      </exception>


      we can reach the login page. This login page has some eID Applet and via a Servlet I eventually push the credentials to the JBoss Seam framework:


      HttpSession httpSession = httpServletRequest.getSession();
      Credentials credentials = (Credentials) httpSession.getAttribute("org.jboss.seam.security.credentials");
      credentials.setUsername(userId);
      credentials.setPassword(adminPassword);



      To let JBoss Seam do its job I have configured in components.xml the following:


      <security:identity authenticate-method="#{authenticator.authenticate}" />



      Where my authenticator is a simple Seam component.


      The problem I have now is that I cannot make a distinction between a first login attempt and the following attempts. So I would like to have on the login.xhtml page something like:


      Login failed. Please try again.



      after a failed login. How do I do that?


      I already tried something with


      @Observer("org.jboss.seam.security.loginFailed")



      but it doesn't get called.