Seam Authentication without identity.login

trouby Dec 15, 2009 7:57 PM

Hey,

I have a situation when sometimes I would like to perform authentication not through the defined auth method in components.xml,
An example could be an authentication based on questions when a user forgot his password,

For this example, assuming I have all the logic to verify the answers of the questions, is it possible to trigger a success authentication not via identity.login?

I'd still like to use the standard auth events such: org.jboss.seam.security.loginSuccessful/loginFailed/etc.

Thanks,

Asaf.

1. Re: Seam Authentication without identity.login

kragoth Dec 15, 2009 11:52 PM (in response to trouby)

Why can't you just set the username and password once the question has been answered correctly and then call login?

You have obviously gone off and retrieved the user's details anyway. So, I'm not sure why this wouldn't work.

If all else fails take a look inside the Identity.login method and just make the appropriate calls to do your authentication.
Actions
2. Re: Seam Authentication without identity.login

trouby Dec 16, 2009 11:20 AM (in response to trouby)

Well, it does not help to set the user/pass, seam initialize the Principal object via invoking the auth method you define,

I wanted to know if there's a 'correct way' to perform auth without invoking the auth method/hacking into the identity class,

Thanks!
Actions
3. Re: Seam Authentication without identity.login

germanescobar Dec 16, 2009 1:45 PM (in response to trouby)
Try this:

Principal principal = new SimplePrincipal(username); identity.acceptExternallyAuthenticatedPrincipal(principal);

Hope it helps!
Actions

Go to original post