[JBoss Seam] - Preserving querystring during redirect.captureCurrentView()
by monkeyden
Is there a way to preserve the querystring during redirect.captureCurrentView()? I have a requirement which states that some screen elements are to be displayed when the user is logged in, otherwise, display a login link. This page has querystring parameters which need to be preserved after the login challenge, to allow for bookmarking. It appears as though this code from Redirect.captureCurrentView() only preserves the submitted values
parameters = Pages.instance().getViewRootValues(context);
The next issue will be that a redirect is happening, in which case the client will still have the URL of the login page in the address bar.
I'm thinking about doing something like this, where the first action will capture the querystring and and add them to the current view:
| <event type="org.jboss.seam.notLoggedIn">
| <action expression="#{myBean.loginChallengePreserveQueryString}"/>
| <action expression="#{redirect.captureCurrentView}"/>
| </event>
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4061749#4061749
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4061749
18Â years, 9Â months
[JBoss Seam] - Re: Identity.hasRole()...
by garypinkham
first I realized the subject said Instance.hasRole() in stead of Identity. That was just a typo in the forum by me.
So I have followed all the instructions and I can't seem to find where I'm going wrong.. It's basic security no drools. Seamgen created the components.xml with a basic drools file.. I tried with and with out that file.. With @In Identity, with Identity ident = Identity.instance() and Identity.instance() everywhere.
This is Seam 2.0Beta with JBoss 4.2.0GA. Windows XP and M$SQL Server for the DB.
Funny thing is I used seam generate-entities which enables security for the Edit actions on entities. This works just fine with my Authenticator module so I'm guessing I'm doing something right. :-)
By the way.. Does anyone know what the security is for the edit pages created by generate-entity? Is it loggedIn? or hasRole("admin")???
Many Thanks!!!
Gary
Here's the output of log.info messages:
| 12:42:01,392 INFO [Authenticator] adding role: ROLE_VIEW to user: superuser
| 12:42:01,392 INFO [Authenticator] adding role: ROLE_RUN_LINK to user: superuser
| 12:42:01,392 INFO [Authenticator] customer:3
| 12:42:01,392 INFO [Authenticator] Has Role: No
| 12:42:01,392 INFO [Authenticator] has Role2: No
|
Here's my Components.xml:
| <?xml version="1.0" encoding="UTF-8"?>
| <components xmlns="http://jboss.com/products/seam/components"
| xmlns:core="http://jboss.com/products/seam/core"
| xmlns:persistence="http://jboss.com/products/seam/persistence"
| xmlns:drools="http://jboss.com/products/seam/drools"
| xmlns:security="http://jboss.com/products/seam/security"
| xmlns:mail="http://jboss.com/products/seam/mail"
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
| xsi:schemaLocation=
| "http://jboss.com/products/seam/core http://jboss.com/products/seam/core-2.0.xsd
| http://jboss.com/products/seam/persistence http://jboss.com/products/seam/persistence-2.0.xsd
| http://jboss.com/products/seam/drools http://jboss.com/products/seam/drools-2.0.xsd
| http://jboss.com/products/seam/security http://jboss.com/products/seam/security-2.0.xsd
| http://jboss.com/products/seam/mail http://jboss.com/products/seam/mail-2.0.xsd
| http://jboss.com/products/seam/components http://jboss.com/products/seam/components-2.0.xsd">
|
| <core:init debug="@debug@" jndi-pattern="@jndiPattern@"/>
|
| <core:manager concurrent-request-timeout="500"
| conversation-timeout="120000"
| conversation-id-parameter="cid"/>
|
| <persistence:filter name="customerFilter" enabled="#{identity.loggedIn}">
| <persistence:name>customerFilter</persistence:name>
| <persistence:parameters>
| <key>customerId</key>
| <value>#{customerId}</value>
| </persistence:parameters>
| </persistence:filter>
|
| <persistence:managed-persistence-context name="entityManager"
| auto-create="true"
| entity-manager-factory="#{knxseamEntityManagerFactory}">
| <persistence:filters>
| <value>#{customerFilter}</value>
| </persistence:filters>
| </persistence:managed-persistence-context>
|
| <persistence:entity-manager-factory name="knxseamEntityManagerFactory"
| persistence-unit-name="knxseam"/>
| <security:identity authenticate-method="#{authenticator.authenticate}"
| remember-me="true"/>
|
| <event type="org.jboss.seam.notLoggedIn">
| <action expression="#{redirect.captureCurrentView}"/>
| </event>
| <event type="org.jboss.seam.postAuthenticate">
| <action expression="#{redirect.returnToCapturedView}"/>
| </event>
|
| <mail:mail-session host="localhost" port="2525" username="test" password="test" />
|
| </components>
|
Here's my Authenticator code:
| @Name("authenticator")
| public class Authenticator {
| @Logger
| Log log;
|
| @In
| EntityManager entityManager;
|
| public boolean authenticate() {
| try {
| UserAccount user = (UserAccount) entityManager
| .createQuery(
| "from UserAccount where name = :username and authenticationCredentials = :password")
| .setParameter("username", Identity.instance().getUsername())
| .setParameter("password", Identity.instance().getPassword())
| .getSingleResult();
| if (user.getAuthoritieses() != null) {
| for (Authorities role : user.getAuthoritieses()) {
| log.info("adding role: #0 to user: #1", role.getAuthority(), Identity.instance().getUsername());
| Identity.instance().addRole(role.getAuthority());
| }
| }
| Identity.instance().addRole("admin");
| log.info("customer:#0", user.getCustomer().getCustomerId());
| log.info("Has Role: #0", (Identity.instance().hasRole("ROLE_RUN_LINK"))?"Yes":"No");
| log.info("has Role2: #0", (Identity.instance().hasRole("admin"))?"Yes":"No");
| Contexts.getSessionContext().set("customerId", user.getCustomer().getCustomerId());
| return true;
| } catch (NoResultException ex) {
| FacesMessages.instance().add("Invalid username/password");
| return false;
| }
| }
| }
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4061744#4061744
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4061744
18Â years, 9Â months
[JBoss jBPM] - jBPM 3.2.1 jbpm-console with a different database
by msandoz
i started off trying to customize JBoss AS to use jbpm but after a lot of unsuccessful fiddling, i decided to minimize the variables in the installation and use the installation included in the jbpm-jpdl-3.2.1 bundle. the only change i wanted to make was to change the database.
I've read the many wiki entries on switching databases with jbpm. i populated the database using the dbCreate class and that seemed to work fine using the sesamestreet.xml.
i'm running run.bat -c jbpm from the server/bin directory in the installation.
before i make my changes, users can log in using the included hypersonic database with the manager role etc. afterwards, all i get i security errors trying to even log in.
here's my change set:
1. deployed the postgres jdbc driver: postgresql-8.2-504.jdbc3.jar
2. jbpm-ds: i modified as below:
| <?xml version="1.0" encoding="UTF-8"?>
|
| <datasources>
| <local-tx-datasource>
| <jndi-name>JbpmDS</jndi-name>
| <connection-url>jdbc:postgresql://localhost:5432/jbpm</connection-url>
| <driver-class>org.postgresql.Driver</driver-class>
| <user-name>jbpm</user-name>
| <password>jbpm</password>
| <metadata>
| <type-mapping>PostgreSQL 8.1</type-mapping>
| </metadata>
| </local-tx-datasource>
| </datasources>
|
3. the jbpm-console.war in the deploy directory i exploded, modified the hibernate.cfg.xml as follows:
<property name="hibernate.dialect">org.hibernate.dialect.PostgreSQLDialect</property>
|
the hibernate file was already pointing to the right datasource - java:/JbpmDS so i didnt change it
i then re-zipped it and redeployed it into the deploy directory.
what i get when i try to log in is:
Access to the specified resource (Access to the requested resource has been denied) has been forbidden. - a 403 error. and there are no exceptions in the server log.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4061739#4061739
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4061739
18Â years, 9Â months