1 Reply Latest reply on May 24, 2010 12:21 PM by Michal Petrik

    Seam Identity Manager Security Permisions

    mariusz bogucki Newbie

      I use Seam identity manager to create new user.



      @Scope(EVENT)
      @Name("org.jboss.seam.security.identityManager")
      @Install(precedence = APPLICATION)
      @BypassInterceptors
      public class IdentityManager extends org.jboss.seam.security.management.IdentityManager {
      
          public static final String EVENT_USER_CREATED = "org.jboss.seam.security.management.userCreated";
          public static final String EVENT_PRE_PERSIST_USER = "org.jboss.seam.security.management.prePersistUser";
          User user;
      
          public boolean createUser(User user) {
              this.user = user;
              System.out.println("Create user before......:");
              System.out.println("list users: " + super.getIdentityStore().listUsers());
              System.out.println("list roles: " + super.getIdentityStore().listRoles());
      
              super.createUser(user.getUsername(), user.getPassword());
      
              return true ;
          }
      
          @Observer(EVENT_PRE_PERSIST_USER)
          public void onPrePersist(User user) {
              System.out.println("trying to persist............................");
          }
      
          @Observer(EVENT_USER_CREATED)
          public void onUserCreated(User user) {
              // post persist 
          }
      }
      



      and super.createUser(user.getUsername(), user.getPassword()); throws exception that says that I am not loged in and authorization failed
      but if I change that to:




      super.getIdentityStore().createUser(user.getUsername(), user.getPassword());





      it seems to be working. Can somebody explain it to me, because it took me some time before I changed it to this and I dont even know why It makes a difference I thought that identity manager made that call anyway.


        • 1. Re: Seam Identity Manager Security Permisions
          Michal Petrik Newbie

          Hi,
          it is because the default IdentityManager checks permissions before it calls the IdentityStore...


          This is code from default IdentityManager:




             public boolean createUser(String name, String password, String firstname, String lastname)
             {
                Identity.instance().checkPermission(USER_PERMISSION_NAME, PERMISSION_CREATE);
                return identityStore.createUser(name, password, firstname, lastname); 
             }