1 Reply Latest reply on Apr 22, 2010 4:03 PM by hassan bidani

    Authentication error "HTTP status 403" with Single Sign On over Servlet

    hassan bidani Newbie

      Hi,

      For a Social Network the Open Social API is implemented using Apache
      Shindig.
      Within the Social Network I want to embed a JBoss Seam application with
      the help of
      OpenSocial API and run it in an IFrame.

      OpenSocial OAuth for authentication has been successfully integrated,
      and the XML Gadgets can easily authenticate into the Social Network
      and I have access to the Social Data.

      Within the SN it is obligatory to login into JBoss Seam application.
      The goal is a one-time registration (auto login) in the SN and an
      automatic registration in the
      JBoss Seam application.

      I have tried to use a Servlet using Single Sign On

      The problem is that I cannot authenticate with auto-login function,
      because I get error HTTP status 403

      With the Open Social API I can get the following data: person.username
      and person.password.
      Within the Servlet.doGet() method I initialize the Seam components and a
      person-object:

             @In
             Identity identity;

             @In
             Credentials credential;

             Person person : new Person(username, password,data,data,...);
             credential.setUsername(person.getUsername) ;
             credential.setPassword(person.getPassword);
             authenticator.authenticate();

             the person-object is not null but when forwarding to welcom.seam:
             - response.sendRedirect (http://localhost:8081/Tool/welcom.seam);
               the person-object can not be loaded.
               (credential is null).

      Do you have an idea how to get the Seam credentials within a servlet?


      Hassan Bidani
      Thanks in advans

        • 1. Re: Authentication error "HTTP status 403" with Single Sign On over Servlet
          hassan bidani Newbie

          hassan bidani wrote on Apr 22, 2010 15:55:


          Hi,

          For a Social Network the Open Social API is implemented using Apache
          Shindig.
          Within the Social Network I want to embed a JBoss Seam application with
          the help of
          OpenSocial API and run it in an IFrame.

          OpenSocial OAuth for authentication has been successfully integrated,
          and the XML Gadgets can easily authenticate into the Social Network
          and I have access to the Social Data.

          Within the SN it is obligatory to login into JBoss Seam application.
          The goal is a one-time registration (auto login) in the SN and an
          automatic registration in the
          JBoss Seam application.

          I have tried to use a Servlet using Single Sign On

          The problem is that I cannot authenticate with auto-login function,
          because I get error HTTP status 403

          With the Open Social API I can get the following data: person.username
          and person.password.
          Within the Servlet.doGet() method I initialize the Seam components and a
          person-object:


                 @In
                 Identity identity;

                 @In
                 Credentials credential;

                 Person person : new Person(username, password,data,data,...);
                 credential.setUsername(person.getUsername);
                 credential.setPassword(person.getPassword);
                 authenticator.authenticate();

                 the person-object is not null but when forwarding to welcom.seam:
                 - response.sendRedirect (http://localhost:8081/Tool/welcom.seam);
                   the person-object can not be loaded.
                   (credential is null).

          Do you have an idea how to get the Seam credentials within a servlet?

          How to redirect the person-object to the welcome page?


          Note:  - Social Network is based on Tomcat, Facelets, JSF, Spring.
                 - The Gadget-application based on JBoss Seam, JSF, EJB is a Non Gadget XML.
                 - For the OpenSocial API Implemetation was used Apache Shindig.
                 - Apache Shindig Security is based on OAuth.
                 - Seam components are Identity and Credentia

          Hassan Bidani
          Thanks in advans


          Click HELP for text formatting instructions. Then edit this text and check the preview.