3:47 a.m.
Hy,
I have a WEB-application based on JEE6 with CDI and JSF2 running on Jboss7.1
The security part is done be the "DATABASE" login module defined in
standalone.xml from JBoss.
The web application uses the security defined by "security-constraint"s in
the web.xml file.
Everything is working fine.
Now I want to start with aerogear, specially aerogear-android.
I have added the aerogear-controller with the picketlink authentication
successfully in my existing application.
My android-app can successfully login/logout and use the pipes to load the
data.
BUT, I have now *2 different authentication system*, the
DATABASE-login-module with the security-constraint-webxml and the
aerogear-picketlink.
Here the jboss config:
And the web.xml part:
How can I change to get the picketlink authentication working like the
DATABASE-login-module?
I want to handle the jsf-security part in the web.xml with
security-contraints, otherwise I should have to define a lot of "routes".
Thanks for any help/suggestions,
Tom
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/integrate-aerogear-into-existin...
Sent from the aerogear-dev mailing list archive at Nabble.com.
8:49 a.m.
Hi my friend. PicketLink is under development and will be integrated with AS in the
future, so for now is not possible to do such thing. As alternative to authorization I
suggest the following approach:
https://github.com/aerogear/aerogear-controller-demo/blob/master/src/main...
or if you don't want to use authorization on controller's routes, is possible to
define it by method
https://github.com/picketlink/TODO/blob/master/server/src/main/java/org/a...
Makes sense? Let me know if it helps.
--
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile
On Friday, April 5, 2013 at 5:47 AM, tomlux wrote:
Hy,
I have a WEB-application based on JEE6 with CDI and JSF2 running on Jboss7.1
The security part is done be the "DATABASE" login module defined in
standalone.xml from JBoss.
The web application uses the security defined by "security-constraint"s in
the web.xml (http://web.xml) file.
Everything is working fine.
Now I want to start with aerogear, specially aerogear-android.
I have added the aerogear-controller with the picketlink authentication
successfully in my existing application.
My android-app can successfully login/logout and use the pipes to load the
data.
BUT, I have now *2 different authentication system*, the
DATABASE-login-module with the security-constraint-webxml and the
aerogear-picketlink.
Here the jboss config:
And the web.xml (http://web.xml) part:
How can I change to get the picketlink authentication working like the
DATABASE-login-module?
I want to handle the jsf-security part in the web.xml (http://web.xml) with
security-contraints, otherwise I should have to define a lot of "routes".
Thanks for any help/suggestions,
Tom
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/integrate-aerogear-into-existin...
Sent from the aerogear-dev mailing list archive at Nabble.com (http://Nabble.com).
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org (mailto:aerogear-dev@lists.jboss.org)
https://lists.jboss.org/mailman/listinfo/aerogear-dev
4:03 p.m.
Hy,
thanks for the quick answer.
I just did a workaround with a WebFilter where I'm checking the
"idendity.isLoggedIn".
This helps me to migrate the complete authentication to Picketlink.
As I have a lot of jsf pages, this is easier to define using wildcards as
defining each page as route.
Thanks for your suggestions,
Tom
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/integrate-aerogear-into-existin...
Sent from the aerogear-dev mailing list archive at Nabble.com.
4283
days inactive
4283
days old
2 comments
2 participants
participants (2)
-
Bruno Oliveira -
tomlux