first I realized the subject said Instance.hasRole() in stead of Identity.
That was just a typo in the forum by me.
So I have followed all the instructions and I can't seem to find where I'm
going wrong.. It's basic security no drools. Seamgen created the
components.xml with a basic drools file.. I tried with and with out that
file.. With @In Identity, with Identity ident = Identity.instance() and
Identity.instance() everywhere.
This is Seam 2.0Beta with JBoss 4.2.0GA. Windows XP and M$SQL Server for the
DB.
Funny thing is I used seam generate-entities which enables security for the
Edit actions on entities. This works just fine with my Authenticator module
so I'm guessing I'm doing something right. :-)
By the way.. Does anyone know what the security is for the edit pages created
by generate-entity? Is it loggedIn? or hasRole("admin")???
Many Thanks!!!
Gary
Here's the output of log.info messages:
| 12:42:01,392 INFO [Authenticator] adding role: ROLE_VIEW to user: superuser
| 12:42:01,392 INFO [Authenticator] adding role: ROLE_RUN_LINK to user:
superuser
| 12:42:01,392 INFO [Authenticator] customer:3
| 12:42:01,392 INFO [Authenticator] Has Role: No
| 12:42:01,392 INFO [Authenticator] has Role2: No
|
Here's my Components.xml:
| <?xml version="1.0" encoding="UTF-8"?>
| <components xmlns="http://jboss.com/products/seam/components";
| xmlns:core="http://jboss.com/products/seam/core";
| xmlns:persistence="http://jboss.com/products/seam/persistence";
| xmlns:drools="http://jboss.com/products/seam/drools";
| xmlns:security="http://jboss.com/products/seam/security";
| xmlns:mail="http://jboss.com/products/seam/mail";
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
| xsi:schemaLocation=
| "http://jboss.com/products/seam/core
http://jboss.com/products/seam/core-2.0.xsd
| http://jboss.com/products/seam/persistence
http://jboss.com/products/seam/persistence-2.0.xsd
| http://jboss.com/products/seam/drools
http://jboss.com/products/seam/drools-2.0.xsd
| http://jboss.com/products/seam/security
http://jboss.com/products/seam/security-2.0.xsd
| http://jboss.com/products/seam/mail
http://jboss.com/products/seam/mail-2.0.xsd
| http://jboss.com/products/seam/components
http://jboss.com/products/seam/components-2.0.xsd";>
|
| <core:init debug="@debug@" jndi-pattern="@jndiPattern@"/>
|
| <core:manager concurrent-request-timeout="500"
| conversation-timeout="120000"
| conversation-id-parameter="cid"/>
|
| <persistence:filter name="customerFilter" enabled="#{identity.loggedIn}">
| <persistence:name>customerFilter</persistence:name>
| <persistence:parameters>
| <key>customerId</key>
| <value>#{customerId}</value>
| </persistence:parameters>
| </persistence:filter>
|
| <persistence:managed-persistence-context name="entityManager"
| auto-create="true"
|
entity-manager-factory="#{knxseamEntityManagerFactory}">
| <persistence:filters>
| <value>#{customerFilter}</value>
| </persistence:filters>
| </persistence:managed-persistence-context>
|
| <persistence:entity-manager-factory name="knxseamEntityManagerFactory"
| persistence-unit-name="knxseam"/>
| <security:identity authenticate-method="#{authenticator.authenticate}"
| remember-me="true"/>
|
| <event type="org.jboss.seam.notLoggedIn">
| <action expression="#{redirect.captureCurrentView}"/>
| </event>
| <event type="org.jboss.seam.postAuthenticate">
| <action expression="#{redirect.returnToCapturedView}"/>
| </event>
|
| <mail:mail-session host="localhost" port="2525" username="test"
password="test" />
|
| </components>
|
Here's my Authenticator code:
| @Name("authenticator")
| public class Authenticator {
| @Logger
| Log log;
|
| @In
| EntityManager entityManager;
|
| public boolean authenticate() {
| try {
| UserAccount user = (UserAccount) entityManager
| .createQuery(
| "from UserAccount where
name = :username and authenticationCredentials = :password")
| .setParameter("username",
Identity.instance().getUsername())
| .setParameter("password",
Identity.instance().getPassword())
| .getSingleResult();
| if (user.getAuthoritieses() != null) {
| for (Authorities role :
user.getAuthoritieses()) {
| log.info("adding role: #0 to user:
#1", role.getAuthority(), Identity.instance().getUsername());
|
Identity.instance().addRole(role.getAuthority());
| }
| }
| Identity.instance().addRole("admin");
| log.info("customer:#0",
user.getCustomer().getCustomerId());
| log.info("Has Role: #0",
(Identity.instance().hasRole("ROLE_RUN_LINK"))?"Yes":"No");
| log.info("has Role2: #0",
(Identity.instance().hasRole("admin"))?"Yes":"No");
| Contexts.getSessionContext().set("customerId",
user.getCustomer().getCustomerId());
| return true;
| } catch (NoResultException ex) {
| FacesMessages.instance().add("Invalid
username/password");
| return false;
| }
| }
| }
|
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4061744#4061744
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4061744
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
