0 Replies Latest reply on Oct 26, 2009 3:31 AM by Vladimir Dyuzhev

    Login using external SSO application

    Vladimir Dyuzhev Newbie

      I have a Seam application that have to use an external one to login. The logic is as follows:


      - My app sends user to external SSO URL
      - User provides credentials there and what it takes
      - On success, the external app redirects user back to my app with a random token
      - My code should contact the external app via HTTP with the passed token and get complete user information in return


      Pretty straightforward. But I'm stuck.


      The redirect is coming to /seam/resources/token. I was intended to get Identity from the session, populate it with token, and authenticate. But in the resource handler the user session is apparently not visible: session context is null. :(


      I tried to do LifeCycle.beginCall there, and it works in a sense: authentication logic works, but the result never get available to the user (user's session still has empty Identity).


      What do I do wrong?


      P.S. Here is more or less complete code of my resource handler. Logging and other unrelated stuff removed for brevety.


      @Scope(ScopeType.APPLICATION)
      @Name("tokenResource")
      // @BypassInterceptors
      public class TokenResource extends AbstractResource {
          @Override
          public String getResourcePath() {
              return "/token";
          }
      
          @Override
          public void getResource(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
               String token = request.getParameter("token");
      
              // woot?
               Lifecycle.beginCall();
               
               Identity identity = Identity.instance(); 
               MyIdentity mid = (MyIdentity) identity;
               mid.setToken(token);
               mid.login();
              
              response.sendRedirect("/home.seam");
          }
      }