0 Replies Latest reply on Jun 16, 2009 12:22 PM by joe_the_quick

    Using a JAAS Realm with Tomcat 6 and Seam

    joe_the_quick Newbie
      I'm using Tomcat6 for development purposes and want to use the JAAS Loginmodule configured in a Realm inside the Context.xml.
      This works great without Seam.

      However, after integrating with Seam 2.1.2, there are two issues:
      1.) It seems that it is not possible to use the Tomcat Realm with Seam.
      In the security:identity you have to quote a jaas-config-name to refer to a JAAS-Config.
      However, in Tomcat there is no such jaas-config-name, as the Realm is declared inside the Context.xml.

      2.) I also tried the approach to let Tomcat JAAS do the authentication and override the Identity:

      @Install(precedence = Install.APPLICATION) 

      public class CustomIdentity extends Identity {
      public Principal getPrincipal() {
              Principal currentUser = ((HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext()
              return currentUser;

      but with no luck. The call to getRequest().getUserPrincipal() results in a invocation of CustomIdentity.getPrincipal() itself which turns out to be an endless loop (StackOverflowException).

      There is also a related JIRA-issue:
      But there is no documentation left on how to exactly implement the custom Identity.

      Does someone else know of any way to reuse the Tomcat Realm with Jboss Seam?

      Thanks & Best regards,