The problem is that the Seam security model is tightly coupled to a JAAS model
of security - i.e. the Subject class and friends. With CAS and our custom
Tomcat Valve, the servlet container associates/manages a copy of the
authenticated Principal (a.k.a. userPrincipal in Seam) with the
HttpServ
I need SSO with other old struts application on same server.
With this class SSO authentication works, but authorization
#{s:hasRole('admin')} don't :-(
@Name("org.jboss.seam.security.identity")
@Scope(SESSION)
@Install(precedence = Install.APPLICATION)
@Intercept(NEVER)
@Startup
public class MyI
I create issue http://jira.jboss.com/jira/browse/JBSEAM-967. Note that what
I'm really asking at the moment, is for away to establish an Identity that uses
the HttpServletRequest to obtain the Principal, and check roles.
Thanks,
Brad Smith
View the original post :
http://www.jboss.com/index.h
I don't think it would be too hard for Seam Security to authenticate against a
Tomcat realm - if you create a JIRA issue for this and assign it to me I'll add
this functionality when I get a chance.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4024387#402438