1 Reply Latest reply on May 24, 2010 12:21 PM by Michal Petrik

    Seam Identity Manager Security Permisions

    mariusz bogucki Newbie

      I use Seam identity manager to create new user.

      @Install(precedence = APPLICATION)
      public class IdentityManager extends org.jboss.seam.security.management.IdentityManager {
          public static final String EVENT_USER_CREATED = "org.jboss.seam.security.management.userCreated";
          public static final String EVENT_PRE_PERSIST_USER = "org.jboss.seam.security.management.prePersistUser";
          User user;
          public boolean createUser(User user) {
              this.user = user;
              System.out.println("Create user before......:");
              System.out.println("list users: " + super.getIdentityStore().listUsers());
              System.out.println("list roles: " + super.getIdentityStore().listRoles());
              super.createUser(user.getUsername(), user.getPassword());
              return true ;
          public void onPrePersist(User user) {
              System.out.println("trying to persist............................");
          public void onUserCreated(User user) {
              // post persist 

      and super.createUser(user.getUsername(), user.getPassword()); throws exception that says that I am not loged in and authorization failed
      but if I change that to:

      super.getIdentityStore().createUser(user.getUsername(), user.getPassword());

      it seems to be working. Can somebody explain it to me, because it took me some time before I changed it to this and I dont even know why It makes a difference I thought that identity manager made that call anyway.

        • 1. Re: Seam Identity Manager Security Permisions
          Michal Petrik Newbie

          it is because the default IdentityManager checks permissions before it calls the IdentityStore...

          This is code from default IdentityManager:

             public boolean createUser(String name, String password, String firstname, String lastname)
                Identity.instance().checkPermission(USER_PERMISSION_NAME, PERMISSION_CREATE);
                return identityStore.createUser(name, password, firstname, lastname);