[jboss-user] [JBoss Seam] - Re: Security Auto-Login Question
There are many discussions on the forum about how to execute auto-login. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4091042#4091042 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4091042 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Security Auto-Login Question
I have no idea how you happen to have the NT-Login-name available in the session. In our configuration the NT-Login is passed as an attribute of the HTTP-request (and availble via request.getRemoteUser()). I am using Seam 2 and I have added the authentication logic in my annotaded authentication class. In components.xml I have configured security:identity authenticate-method=#{authenticator.authenticate} / | In pages.xml I have the following config: page view-id=/login.xhtml | action execute=#{identity.login}/ | navigation from-action=#{identity.login} | rule if=#{identity.loggedIn} | redirect view-id=/main.xhtml/redirect | /rule | rule if=#{not identity.loggedIn} | redirect view-id=/loginFailed.xhtml/redirect | /rule | /navigation | /page The login.xml page is not existing. It is just a stub. The method identity.login() should be called and itself calling authenticator.authenticate() but it isn't. Any idea why? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4089313#4089313 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4089313 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Security Auto-Login Question
We need also NTLM authentication and the configuration is quite apparent. However to me is not clear how to obtain the HTTP-request-headers from my authenticator.autenthicate() EJB3 bean-method in order to call request.getRemoteUser(). Seam provides Annotation for @RequestParameter, but I don't see anything like @HttpRequest to inject to javax.servlet.HttpServletRequest any suggestion is appeciated. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4088785#4088785 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4088785 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Security Auto-Login Question
Hi, I will get around to posting this up on the WIKI but the 'day job' is currently taking up more than it's fair share of time. When it all calms down i'll get it done. In answer to your query I use: @In Context sessionContext; | | ... | | ((NtlmPasswordAuthentication) sessionContext.get(NtlmHttpAuth)).getUsername() | | This allows me to extract the current session user's username, which I then pass off to the real authentication/authorisation code. Hope this helps. Craig View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4088789#4088789 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4088789 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Security Auto-Login Question
What about situation where we just don't know the first Seam page the user is going to hit? This is the case in portal environments. Just keep hitting the #{identity.login} everytime? | page view-id=/* action=#{identity.login} | /page | Or can we use @Factory or smt? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4038818#4038818 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4038818 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Security Auto-Login Question
[EMAIL PROTECTED] wrote : It would be great if you could post the NTLM part of your solution on the Seam wiki. | Sounds like it could be JCIFS http filter - jcifs.samba.org View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4038877#4038877 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4038877 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Security Auto-Login Question
Excellent that did the trick. Cheers View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4027104#4027104 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4027104 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Security Auto-Login Question
It would be great if you could post the NTLM part of your solution on the Seam wiki. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4027110#4027110 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4027110 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Security Auto-Login Question
In the pages.xml add the page configuration for the first page you want to access (usually login.xhtml or home.html) and execute the login before rendering the page. Somthing like: | page view-id=/login.xhtml action=#{identity.login} | navigation from-action=#{identity.login} | rule if=#{identity.loggedIn} | redirect view-id=/home.xhtml/ | /rule | /navigation | /page | The above example means: When you are trying to access to the page login.xhtml the identity.login action will be executed (same as pressing the button in the page, but without render anything yet), then your authenticator.authenticate method will be called, then if such method returns true, you will be logged in, and the next lines checks if you are logged in using the rule, and if that is true you can redirect the page you want, in this case it is reirecting the home.xhtml (of course already logged in). HTH. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4019028#4019028 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4019028 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user