Hi,
Im using an external SSO solution which already uses JAAS, will it integrate
with JBoss portal?
Thanks.
Yoni
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4070587#4070587
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=repl
Ok, I'm starting to get an understanding of your requirements. Let's address
the issues separately.
First of all, redirection - I'm not a fan of having the JAAS login module
performing a redirect, I think this is a bad thing. Instead, how about you use
login-view, and simply have this view do
OFF: This is a very useful thread, and I think its content should go into the
seam documentation. Integration of external authentication (external to seam)
is not only important when there is an sso webapp, but also if you try to
gradually introduce seam into an exisiting project. At this very f
And since I'm bossy and like looking gift help in the mouth :), I'm not sure
I'm all that hot on the use of the Pages component as part of the
authentication system. It kinda smells like
TIMTOWTDI(http://en.wikipedia.org/wiki/There's_more_than_one_way_to_do_it) and
I was never a big fan of MT
Thanks for your help so far, Shane.
NoMy users are authenticating against a web application on a different
server developed by a different group...so I've got to forward them to a login
page that isn't in my Seam app.
This is the simplified sequence of events:
1) an unauthenticated user tri
anonymous wrote : Setting the login-requred parameter to true resulted in me
being forwarded to seam-gen's login.xhtml view.
Isn't that the result that you wanted? BTW the exception handler for
NotLoggedInException is unrelated to the login-required attribute.
View the original post :
http:/
It's still not working. Setting the pages.xml entries(and updating to HEAD of
cvs) like so:
|
|
|
|
|
|
|
|
|#{identity.isLoggedIn(true)}
|
|
resulted in identical behavior.
Setting the login
You currently can't specify a restriction on the "*" view like that (in fact
you should be using the login-required attribute anyway). There's an
outstanding JIRA issue to that effect:
http://jira.jboss.org/jira/browse/JBSEAM-1009
What happens when you move your restriction to a more specific
After updating to the head of cvs, I'm able to get this stuff to work.
For the most part.
But, one problem remains-on the first view of a protected resource(like
wildcarded restriction below), the user is not being forced to authenticate:-).
On the second request, when the jsessionid cookie of
This is getting too complex. Try simply overriding the configuration factory
class like this:
@Name("org.jboss.seam.security.configurationFactory")
| @BypassInterceptors
| @Scope(ScopeType.STATELESS)
| @Install(precedence = DEPLOYMENT)
| public class MyConfigFactory extends Configuration
I think core to my problem is that I'm not really understanding how Seam 2's
default login module is deployed.
I've looked and found several jboss service xml deployment files but (perhaps
due to my limited experience with those files) it doesn't seem that it's how
the seam login module is acti
This is a very interesting thread, I will be following closely.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4068507#4068507
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4068507
__
Thanks for your continuing suggestions and patience, Shane.
I reimplemented by overriding getLoginContext() and it's still going boom.
here's my JAAS config factory method:
| @Factory(value="org.jboss.seam.security.configuration", autoCreate=true,
scope=APPLICATION)
|public javax.secur
No, it wasn't hit by a breakpoint. I'm going to try your suggestion because it
sounds cleaner, but I ended up overriding the getDefaultCallbackHander method
of Identity to return my preferred callbackhandler and setting up my login
module via jboss confuse-igation filesit's still not workin
Does getConfiguration() get hit when you set a breakpoint there? You may need
to extend Identity and override the getLoginContext() method.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4067663#4067663
Reply to the post :
http://www.jboss.com/index.html?mod
After reviewing the seam security documentation, I've written some code:
1) A JAAS Module:
| public class CustomLoginModule extends SeamLoginModule {
|
| private static final LogProvider log =
Logging.getLogProvider(SeamLoginModule.class);
|
| public CustomLoginModule
Thankfully, the servlet spec provides us with session management for free so
that we don't need to check each request for a session cookie ourselves. The
best thing I can suggest is to read the security chapter of the Seam reference
documentation to become familiar with how security works in Se
also, I'm using Seam 2 beta.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4066776#4066776
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4066776
___
jboss-user mailing list
jb
18 matches
Mail list logo
