0 Replies Latest reply on Oct 26, 2009 3:31 AM by Vladimir Dyuzhev

    Login using external SSO application

    Vladimir Dyuzhev Newbie

      I have a Seam application that have to use an external one to login. The logic is as follows:

      - My app sends user to external SSO URL
      - User provides credentials there and what it takes
      - On success, the external app redirects user back to my app with a random token
      - My code should contact the external app via HTTP with the passed token and get complete user information in return

      Pretty straightforward. But I'm stuck.

      The redirect is coming to /seam/resources/token. I was intended to get Identity from the session, populate it with token, and authenticate. But in the resource handler the user session is apparently not visible: session context is null. :(

      I tried to do LifeCycle.beginCall there, and it works in a sense: authentication logic works, but the result never get available to the user (user's session still has empty Identity).

      What do I do wrong?

      P.S. Here is more or less complete code of my resource handler. Logging and other unrelated stuff removed for brevety.

      // @BypassInterceptors
      public class TokenResource extends AbstractResource {
          public String getResourcePath() {
              return "/token";
          public void getResource(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
               String token = request.getParameter("token");
              // woot?
               Identity identity = Identity.instance(); 
               MyIdentity mid = (MyIdentity) identity;