0 Replies Latest reply on Dec 21, 2010 7:11 PM by Ryan Samiley

    Infinite Loop with NotLoggedInException

    Ryan Samiley Newbie

      Trying to integrate my app with Oracle WebSSO. Unfortunately after I log in through WebSSO, Seam looks like it loses the identity then goes into an infinite loop with NotLoggedInException.

      I have an Authenticator interface:

      public interface Authenticator {
        boolean authenticate();
        void logout();

      When WebSSO performs a successful authentication it puts the username in the Http Header with a customizable token. The WebSSO Authenticator looks like:

      public class WebSSOAuthenticator implements Authenticator, Serializable {
        private Identity identity;
        public WebSSOAuthenticator() {
        public boolean authenticate() {
          if (identity.isLoggedIn()) {
            return true;
          ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
          HttpServletRequest request = (HttpServletRequest) externalContext.getRequest();
          String username = request.getHeader("USER_TOKEN");
          // Perform some authentication logic with the username
          SimplePrincipal principal = new SimplePrincipal(username);
          return true;
        public void logout() {

      Components.xml defines a factory to get the Authenticator since we also have another Authenticator for testing. I'm interested in the WebSSOAuthenticator.

      <security:identity authenticate-method="${authenticator.authenticate"/>
      <component name="authenticatorFactory" class="com.mycompany.AuthenticatorFactory" auto-create="true" scope="stateless"/>
      <factory name="authenticator" scope="session" method="#{authenticatorFactory.getAuthenticator}"/>


      <pages ... login-view-id="/main.xhtml">
        <page view-id="/main.xhtml">
          <action execute="#{authenticatorFactory.getType()}" if="#{!identity.loggedIn}"/>
          <navigation from-action="#{authenticatorFactory.getType()}">
            <rule if-outcome="web-sso">
              <redirect view-id="/login-websso.xhtml"/>
            <!-- Additional rule for testing... -->
        <page view-id="/login-websso.xhtml">
          <action execute="#{identity.login}"/>
          <navigation from-action="#{identity.login}">
            <rule if-outcome="loggedIn">
              <redirect view-id="/main.xhtml"/>

      I'm using Seam 2.2.1 CR1 with Apache Tomcat 6.0.26