2 Replies Latest reply on Aug 20, 2010 6:23 PM by Shane Bryzak

    Simple Custom Identity throws NPE on Identity.credentials

    Chris Simons Expert

      Shane (Seam Security Master):


      I'm following instructions on extending the Seam Identity component (Seam 2.2.0.GA).


      Following the most absolutely basic configuration, I'm simply overriding the login() method, outputting to the log, and then calling super.login().



      @Name("org.jboss.seam.security.identity")
      @Scope(ScopeType.SESSION)
      @Install(precedence = Install.APPLICATION)
      @BypassInterceptors
      @Startup
      public class AppIdentity extends Identity {
      
          private static final LogProvider log = Logging.getLogProvider(AppIdentity.class);
      
          @Override
          public String login()
          {
            log.info("###### CUSTOM LOGIN CALLED ######");
            return super.login();   
          }
      }



      When I login, however, Identity fails on line 328, inside of the Identity.authenticate() method.


      Identity.authenticate() reads:



      public synchronized void authenticate() 
            throws LoginException
         {
            // If we're already authenticated, then don't authenticate again
            if (!isLoggedIn() && !credentials.isInvalid())
            {
               principal = null;
               subject = new Subject();
               authenticate( getLoginContext() );
            }      
         }



      The NPE on line 328 is on Credentials.  The Seam Debug page shows that Credentials is correctly configured, but AppIdentity doesn't seem to have the right reference to Credentials, even though I'm not overriding anything about Credentials.


      Would you be able to explain why this is happening?  Thank you so much.


      Here is our components.xml, just in case:




       <security:identity-manager identity-store="#{jpaIdentityStore}" role-identity-store="#{jpaIdentityStore}" />
          <security:rule-based-permission-resolver security-rules="#{securityRules}"/>
          <security:jpa-identity-store user-class="com.bah.englink.ejb.User"
                                       role-class="com.bah.englink.ejb.roles.AppRole"/>
          
         <drools:rule-base name="securityRules">
             <drools:rule-files>
                 <value>/security.drl</value>
             </drools:rule-files>
         </drools:rule-base>