0 Replies Latest reply on Oct 22, 2009 12:21 PM by Sascha Effert

    Login to a sassion bean

    Sascha Effert Newbie


      I have a SEAM 2.0.2 Application with a Web-GUI using the simplified security method described in chapter 14 of the documentation. So I wrote a simple Login Bean:

      public class LoginBean implements Login {
           private Log log;
           private EntityManager entityManager;
           private Identity identity;
           public boolean authenticate() {
                List<User> resultList = 
                          entityManager.createQuery("from User u where" + 
                          " name=:name").setParameter("name", 
                if (resultList.size() == 0) {
                     log.warn("Login failed for user #0 (No " +
                                 "User with that name)",
                     return false;
                } else {
                     log.info("Found user #0, " + 
                                  " checking password", 
                     user = resultList.get(0);
                     if (!user.getPassword().
                                   equals(identity.getPassword())) {
                          log.warn("User #0 has wrong " + 
                                         "password #1 (should be #2)", 
                          return false;
                     return true;

      Further I added the security constrains in my pages.xml:

      <page view-id="/server/*" login-required="true">
              <rule if-outcome="list">
                  <redirect view-id="/serverlist.xhtml"/>

      And in components.xml I connected the authenticate method the login requirement:

      <security:identity security-rules="#{securityRules}" authenticate-method="#{login.authenticate}" remember-me="true"/>

      This runs quite good. Now I have to build a second way to access my SEAM Application, because it has to be useable by a command line interface and scripts to do some of the tasks, that can be done in the Web GUI automatically. Therefore I want to use a remote Session Bean (I think statefull). I want that the client also has to authenticate itself using login and password as in the Web GUI. What is the right way to declare the Session Bean and how do I connect it in a java client? I did not find something about this in the documentation, as there is only mentioned how to solve it in the Web GUI.