[jboss-user] [JBoss Seam] - Using Seam Identity - What's the recommended approach?

[steveant]

Hi,  

I've found what looks like multiple methods of implementing your own authentication between the Seam Book, reference manual and various forum posts - is there a recommended approach we should be moving towards as a best practice?  Any comments would be greatly appreciated!

Method 1 - Seam Book: Section 20.1. Authentication and User Roles:
. . .
1.Create a method in backing bean:
public boolean login(String username, String password, List<String> roles)
2. add entry to components.xml:
<security:identity authenticate-method=
  | "#{authBean.login}"/>
the identity.username and identitiy.password values would automatically be forwarded to the hardwired method when identity.login() is called.

Method 2 - Seam Reference Manual: Section 12.3.1. Configuration
1. Create a method in backing bean:
public boolean authenticate()
2. add entry to components.xml:
<security:identity authenticate-method="#{authenticator.authenticate}"/>
In this case we'd call Identity.instance().getUsername() / .getPassword() to fetch the values.

Method 3 - We can override extend the existing identity class:
Name("org.jboss.seam.security.identity")
  | @Scope(ScopeType.SESSION)
  | @Intercept(InterceptionType.AFTER_RESTORE_VIEW)
  | public class MyIdentity extends RuleBasedIdentity
  | {
  |     public String login() {
  |     	return super.login(); 
  |     }
  | }


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4027799#4027799

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4027799