Ok, I'm starting to get an understanding of your requirements. Let's address the issues separately.
First of all, redirection - I'm not a fan of having the JAAS login module performing a redirect, I think this is a bad thing. Instead, how about you use login-view, and simply have this view do a client-side redirect to your other authentication page? <meta http-equiv="Refresh" content="0; URL=http://authenticate.institution.edu";> Secondly, detecting that the user has authenticated. You'll notice in the Identity class that there are two isLoggedIn() methods. The one that accepts a boolean parameter provides a means to perform an authentication "on the spot" so to speak, but *only* if the user's credentials are set. In the default implementation of the isCredentialsSet() method it checks that a username and password are provided. If you are instead authenticating via a cookie, you'll need to override this method and have it return true if there is a valid cookie present. That way, when you set #{identity.isLoggedIn(true)} on your page it should actually perform an authentication. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4070400#4070400 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4070400 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
