0 Replies Latest reply on Jun 14, 2013 5:49 AM by Nikhil N

    Facing issue in authenticating external component in seam application

    Nikhil N Newbie

      1 ) Issue i am facing is , seam application has a external component , here without authentication i am able to access the external component, i tried with the below approach ,


      tried adding the below authentication filter in components.xml , but even this didn't work


      <web:authentication-filter url-pattern="/test/resource/rest/*" auth-type="basic"/> ,


      is there a way to restrict seam servlet (AbstractResource Class)  from un-authorized users,




      /* @BypassInterceptors */

      public class ImageProcessor extends AbstractResource {



      is there any way pages.xml to add restrictions?


      The above approach tried at frame work level , below I tried with other approach using sessionID ‘s  which is at server level ,


      2) I tried using sessionID to authenticate, but seam action is having a different sessionID and external component is having a different sessionID , then i tried adding the JsessionID in the response header as below , to sustain the same sessionID across the application , but here i was able to achieve getting same sessionID across the application, but being ideal for few minutes and then click the external component , then i am getting new sessionID , though i have configured session time out to 30 min .. which means the external component does not deal with session time out configured in web.xml.


      1. response.addHeader("SET-COOKIE", "JSESSIONID=" + request.getSession().getId() + ";path=/;");


      the above issue is related to server side , which is Jboss EPP 4.3 , please suggest if there is a way to overcome the above issues ,  looking forward for  the valuable inputs for the above issue ,


      Thanks in advance!