5 Replies Latest reply on Mar 12, 2009 6:49 PM by Glenn Holmer

    can't authenticate

    Glenn Holmer Newbie
      I'm learning Seam authentication, but my authenticate method isn't being called (breakpoint not hit).  If I go to "index.html" (i.e. index.xhtml), I'm redirected to the login page, but when I log in, I just get a "Login failed" message. This is what I've done (Seam 2.1.1 on GlassFish):

      1) created an authentication class:

      @Stateless
      @Name("authenticator")
      public class CsiAuthenticator implements CsiAuthenticatorLocal {
        @Override
        public boolean authenticate() {

      2) created a login form:

      <ice:inputText id="csiuser" value="#{credentials.username}"/>
      <ice:inputSecret id="csipassword" value="#{credentials.password}"/>
      <ice:commandButton value="Login" action="#{identity.login}"/>

      3) declared login view, declared main page as requiring login:

      <?xml version="1.0" encoding="UTF-8"?>
      <pages xmlns="http://jboss.com/products/seam/pages"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://jboss.com/products/seam/pages
             http://jboss.com/products/seam/pages-2.1.xsd"
             login-view-id="/login.xhtml">
        <page view-id="/index.xhtml" login-required="true"/>
        <navigation from-action="#{identity.login}">
          <rule if-outcome="loggedIn">
            <redirect view-id="/index.xhtml"/>
          </rule>
        </navigation>
      </pages>

      4) declared the authenticator in components.xml:

      <security:identity authenticate-method="#{authenticator.authenticate}"/>

      Where might I have gone wrong?
        • 1. Re: can't authenticate
          Stuart Douglas Master

          Is there any exception being thrown during the login process?

          • 2. Re: can't authenticate
            Odomitchi Anikpo Newbie
            Have you found a solution? I am having the exact same problem. And no, I do not see an exception thrown or error. The seam documentation says "org.jboss.seam.loginFailed:  This message is produced when the login process fails, either because the user provided an incorrect username or password, or because authentication failed in some other way. " which suggests something else in the process has failed but nowhere in the documentation does it mention what it could be. I review my code and can't seem to find where I have gone wrong neither. (I notice we are both using Identity credentials)

            1) components.xml

            <security:identity authenticate-method="#{authenticator.authenticate}" remember-me="true"/>


            2) Authenticator.java

            `@Name("authenticator")
            public class Authenticator {
                    @Logger
                    Log log;

                @In
                Credentials credentials;

                    @In
                    Identity identity;

                    public boolean authenticate() {
                            log.info("authenticating #0 ", credentials.getUsername());
                    System.out.println("username " + credentials.getUsername() + " and password " + credentials.getPassword());
                            identity.addRole("admin");
                            return true;
                    }
            }`



            3) login.xhtml
                                   
            `
            <div class="dialog">
                    <h:panelGrid columns="2" rowClasses="prop" columnClasses="name,value">
                    <h:outputLabel for="username">Username</h:outputLabel>
                    <h:inputText id="username" value="#{credentials.username}"/>
                    <h:outputLabel for="password">Password</h:outputLabel>
                    <h:inputSecret id="password" value="#{credentials.password}"/>
                    <h:outputLabel for="rememberMe">Remember me</h:outputLabel>
                    <h:selectBooleanCheckbox id="rememberMe" value="#{identity.rememberMe}"/>
                    </h:panelGrid>
            </div>
            `



            Please help!
            • 3. Re: can't authenticate
              Odomitchi Anikpo Newbie
              the code I copied for login.xhtml isn't complete above. continued...

              <div class="actionButtons">
                   <h:commandButton id="login" value="Login" action="#{identity.login}"/>
              </div>
              • 4. Re: can't authenticate
                Glenn Holmer Newbie

                Stuart Douglas wrote on Mar 10, 2009 08:39:


                Is there any exception being thrown during the login process?


                It looks like it was a problem with the way I was testing it; putting a logout button on the main page helped find that.  I'm getting redirected to the login page and it's calling my authenticate method.


                But now my problem is that I can't figure out how to automatically redirect back to the original page request.  My first draft had


                <navigation from-action="#{identity.login}">
                  <rule if-outcome="loggedIn">
                    <redirect view-id="/index.xhtml"/>
                  </rule>
                </navigation>
                



                in the page descriptor; I removed that and added


                <event type="org.jboss.seam.security.notLoggedIn">
                  <action execute="#{redirect.captureCurrentView}"/>
                </event>
                <event type="org.jboss.seam/security.postAuthenticate">
                  <action execute="#{redirect.returnToCapturedView}"/>
                </event>
                



                to the component descriptor, but I still stay on the login screen with the Welcome, username message after being authenticated.  Have I missed a step?

                • 5. Re: can't authenticate
                  Glenn Holmer Newbie

                  Stuart Douglas wrote on Mar 10, 2009 08:39:


                  Is there any exception being thrown during the login process?


                  I thought I was past this point, but I guess not.  I am not seeing any exceptions, just a log message saying


                  ...severity=(INFO 0), summary=(Login failed)...
                  



                  and my auth method does not get called.


                  Sometimes it works and sometimes it just stops working.  At first I thought it was how I was testing: not logging out again, not clearing cookies, etc.  But at this point it's clear that I'm doing something seriously wrong.


                  Anybody have any ideas?  (When authentication works, I still can't make the redirect back to the original page work, either.)