[seam-commits] Seam SVN: r7361 - trunk/src/main/org/jboss/seam/security.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Mon Feb 4 19:32:47 EST 2008
Author: shane.bryzak at jboss.com
Date: 2008-02-04 19:32:46 -0500 (Mon, 04 Feb 2008)
New Revision: 7361
Modified:
trunk/src/main/org/jboss/seam/security/FacesSecurityEvents.java
trunk/src/main/org/jboss/seam/security/Identity.java
trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java
Log:
Identity.logout() only unauthenticates if user is logged in. New event raised when already-authenticated user attempts to login again.
Modified: trunk/src/main/org/jboss/seam/security/FacesSecurityEvents.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/FacesSecurityEvents.java 2008-02-04 22:46:33 UTC (rev 7360)
+++ trunk/src/main/org/jboss/seam/security/FacesSecurityEvents.java 2008-02-05 00:32:46 UTC (rev 7361)
@@ -139,4 +139,14 @@
{
return "org.jboss.seam.loginSuccessful";
}
+
+ @Observer(Identity.EVENT_ALREADY_LOGGED_IN)
+ public void addAlreadyLoggedInMessage()
+ {
+ FacesMessages.instance().addFromResourceBundleOrDefault (
+ FacesMessage.SEVERITY_WARN,
+ "org.jboss.seam.AlreadyLoggedIn",
+ "You are already logged in, please log out first if you wish to log in again"
+ );
+ }
}
Modified: trunk/src/main/org/jboss/seam/security/Identity.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/Identity.java 2008-02-04 22:46:33 UTC (rev 7360)
+++ trunk/src/main/org/jboss/seam/security/Identity.java 2008-02-05 00:32:46 UTC (rev 7361)
@@ -64,6 +64,7 @@
public static final String EVENT_LOGGED_OUT = "org.jboss.seam.security.loggedOut";
public static final String EVENT_CREDENTIALS_UPDATED = "org.jboss.seam.security.credentialsUpdated";
public static final String EVENT_REMEMBER_ME = "org.jboss.seam.security.rememberMe";
+ public static final String EVENT_ALREADY_LOGGED_IN = "org.jboss.seam.security.alreadyLoggedIn";
protected static boolean securityEnabled = true;
@@ -192,11 +193,28 @@
}
}
+ /**
+ * Attempts to authenticate the user. This method is distinct to the
+ * authenticate() method in that it raises events in response to whether
+ * authentication is successful or not. The following events may be raised
+ * by calling login():
+ *
+ * org.jboss.seam.security.loginSuccessful - raised when authentication is successful
+ * org.jboss.seam.security.loginFailed - raised when authentication fails
+ * org.jboss.seam.security.alreadyLoggedIn - raised if the user is already authenticated
+ *
+ * @return String returns "loggedIn" if user is authenticated, or null if not.
+ */
public String login()
{
try
- {
- authenticate();
+ {
+ if (!authenticate())
+ {
+ if (Events.exists()) Events.instance().raiseEvent(EVENT_ALREADY_LOGGED_IN);
+ return "loggedIn";
+ }
+
if ( log.isDebugEnabled() )
{
log.debug("Login successful for: " + getUsername());
@@ -230,7 +248,12 @@
catch (LoginException ex) { }
}
- public void authenticate()
+ /**
+ *
+ * @return boolean true if authentication is attempted, false if it is not.
+ * @throws LoginException
+ */
+ public boolean authenticate()
throws LoginException
{
// If we're already authenticated, then don't authenticate again
@@ -239,6 +262,11 @@
principal = null;
subject = new Subject();
authenticate( getLoginContext() );
+ return true;
+ }
+ else
+ {
+ return false;
}
}
@@ -250,7 +278,7 @@
authenticating = true;
preAuthenticate();
loginContext.login();
- postAuthenticate();
+ postAuthenticate();
}
finally
{
@@ -327,9 +355,12 @@
public void logout()
{
- unAuthenticate();
- Session.instance().invalidate();
- if (Events.exists()) Events.instance().raiseEvent(EVENT_LOGGED_OUT);
+ if (isLoggedIn(false))
+ {
+ unAuthenticate();
+ Session.instance().invalidate();
+ if (Events.exists()) Events.instance().raiseEvent(EVENT_LOGGED_OUT);
+ }
}
/**
Modified: trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java 2008-02-04 22:46:33 UTC (rev 7360)
+++ trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java 2008-02-05 00:32:46 UTC (rev 7361)
@@ -222,18 +222,5 @@
public void setSecurityRules(RuleBase securityRules)
{
this.securityRules = securityRules;
- }
-
- @Override
- public void logout()
- {
- // Explicitly destroy the security context
- if (getSecurityContext() != null)
- {
- getSecurityContext().dispose();
- setSecurityContext(null);
- }
-
- super.logout();
- }
+ }
}
More information about the seam-commits
mailing list