Seam 2.2 Security Example
emerald007 Aug 3, 2011 8:56 AMI have an existing Tide based application and I need to enable role based access controls. I plan to use the Seam 3 Security framework, the initial authentication stage will be done with a CAS/JASIG filter, with authorisations then being processes via LDAP. I'm justing GraniteDS 2.2.0.GA, Seam 2.2.2.FINAL and spring 3.0.5.FINAL.
I want to outline the steps and files that I plan to achieve this to ensure i'm on the right track.
1 - web.xml
Add the CAS/JASIG filter. Add the seam listener
2 - granite-config.xml
Add the seam security service
<security type="org.granite.seam.security.SeamSecurityService"/>
Ensure the jboss seam Identity is registered with tide
<tide-components>
<tide-component instance-of="org.jboss.seam.security.Identity"/>
3 - services-config.xml
Enable the SeamServiceFactory for the application
<factory id="seamFactory" class="org.granite.seam.SeamServiceFactory" />
4 - Add a custom Identity
I'll add a custom Identity class, this will expect that the CAS filter has authenticated the user, and it will then determine the correct roles/permissions to add to the users Identity object.
@Name("org.jboss.seam.security.identity")
@Scope(ScopeType.SESSION)
@Install(precedence = APPLICATION)
@BypassInterceptors
@Startup
public class ProactionIdentity extends Identity {
5 - components.xml
In order to configure the seam components i need to provide a 'components.xml' file but am unsure of the content. If the class is correctly annotated won't the object be injected correctly?
6 - Login Page
My existing login page is contained within a Login.mxml file. In most of the example I've seen, the seam security framework expects a 'pages.xml' files to be provided, in which the page navigation rules can be configured and the attribute 'login-required' is enabled.
7 - Role Base Controls
The final step will be to update my mxml files to ensure the components use the attribute 'visibility' with the correct role/permission setting.
Are there any major steps that you think i might be missing?
Regards,
P