Please check this blog before moving to shiro
http://balusc.blogspot.com/2013/01/apache-shiro-is-it-ready-for-java-ee-6.html
Dev Khadka
Synergy Tech Software Pvt. Ltd.
e-Mail: [email protected]
Office: 977-1-5009085, 5526297
Mobile: +9779841358015
On 9/3/2013 7:30 PM, [email protected] wrote:
Apache Shiro would be an alternative too.
Quoting Kelly Goedert <[email protected]>:
Thanks. I will try picketlink/box
On Tue, Sep 3, 2013 at 10:42 AM, <[email protected]>
wrote:
Hi,
DeltaSpike doesn't provide an authentication mechanism.
You could integrate Picketlink/Box or build your own. With an own
producer
for current user (Take care of the annotation) you have nearly the same
like seam. And for some role checking you can build an easy helper
class
too. I did the last way and included something like that:
@Named(value = "authenticator")
@SessionScoped
public class Authenticator implements Serializable {
/**
* Serial Version UID
*/
private static final long serialVersionUID = 1L;
@Inject
private UserServiceLocal userService;
private String loginName;
private String password;
private User currentUser;
public String authenticate() {
if (null != currentUser) {
return "home?faces-redirect=true";
}
currentUser = userService.findByLoginName(**loginName);
if (null != currentUser) {
if(currentUser.getPassword().**equals(password)) {
return "home?faces-redirect=true";
}
currentUser = null;
}
return "index?faces-redirect=true";
}
public String logout() {
currentUser = null; FacesContext.**getCurrentInstance().**
getExternalContext().**invalidateSession();
return "index?faces-redirect=true";
}
@Named
@Produces
@CurrentUser
public User getCurrentUser() {
return currentUser;
}
/**
* @return the password
*/
public String getPassword() {
return password;
}
/**
* @param password the password to set
*/
public void setPassword(String password) {
this.password = password;
}
public String getLoginName() {
return loginName;
}
public void setLoginName(String loginName) {
this.loginName = loginName;
}
}
@Named
@ViewScoped
public class Security implements Serializable {
/**
* Serial Version UID
*/
private static final long serialVersionUID = 1L;
@Inject
@CurrentUser
private User user;
@Inject
private SecurityServiceLocal securityService;
private List<String> roleNames;
@PostConstruct
public void init() {
if (null != user) {
roleNames = new ArrayList<String>();
for (SecurityRole role :
securityService.loadUserRoles(**user))
{
roleNames.add(role.getName());
}
}
}
public boolean hasRole(String roleName) {
if (null != roleNames && !roleNames.isEmpty() && null !=
roleName)
{
return roleNames.contains(roleName);
}
return false;
}
public boolean isAdmin() {
if (null != roleNames && !roleNames.isEmpty()) {
return roleNames.contains("ADMIN");
}
return false;
}
public boolean isLoggedIn() {
if (null != user) {
return true;
}
return false;
}
Kind Regards
Florian
Quoting Kelly Goedert <[email protected]>:
Hi,
I have a very simple application working with seam 3. It has a
login and a
simple crud. Now I would like to migrate this simple example to
deltaspike.
I simply added deltaspike core and security dependencies, but I am
missing
the dependencies for BaseAuthenticator and Authenticator interface.
What dependencies I am missing? Is there an example on doing a simple
authentication process?
Thanks
Kelly
