first I realized the subject said Instance.hasRole() in stead of Identity. That was just a typo in the forum by me. So I have followed all the instructions and I can't seem to find where I'm going wrong.. It's basic security no drools. Seamgen created the components.xml with a basic drools file.. I tried with and with out that file.. With @In Identity, with Identity ident = Identity.instance() and Identity.instance() everywhere. This is Seam 2.0Beta with JBoss 4.2.0GA. Windows XP and M$SQL Server for the DB. Funny thing is I used seam generate-entities which enables security for the Edit actions on entities. This works just fine with my Authenticator module so I'm guessing I'm doing something right. :-) By the way.. Does anyone know what the security is for the edit pages created by generate-entity? Is it loggedIn? or hasRole("admin")??? Many Thanks!!! Gary Here's the output of log.info messages: | 12:42:01,392 INFO [Authenticator] adding role: ROLE_VIEW to user: superuser | 12:42:01,392 INFO [Authenticator] adding role: ROLE_RUN_LINK to user: superuser | 12:42:01,392 INFO [Authenticator] customer:3 | 12:42:01,392 INFO [Authenticator] Has Role: No | 12:42:01,392 INFO [Authenticator] has Role2: No | Here's my Components.xml: | <?xml version="1.0" encoding="UTF-8"?> | <components xmlns="http://jboss.com/products/seam/components" | xmlns:core="http://jboss.com/products/seam/core" | xmlns:persistence="http://jboss.com/products/seam/persistence" | xmlns:drools="http://jboss.com/products/seam/drools" | xmlns:security="http://jboss.com/products/seam/security" | xmlns:mail="http://jboss.com/products/seam/mail" | xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | xsi:schemaLocation= | "http://jboss.com/products/seam/core http://jboss.com/products/seam/core-2.0.xsd | http://jboss.com/products/seam/persistence http://jboss.com/products/seam/persistence-2.0.xsd | http://jboss.com/products/seam/drools http://jboss.com/products/seam/drools-2.0.xsd | http://jboss.com/products/seam/security http://jboss.com/products/seam/security-2.0.xsd | http://jboss.com/products/seam/mail http://jboss.com/products/seam/mail-2.0.xsd | http://jboss.com/products/seam/components http://jboss.com/products/seam/components-2.0.xsd"> | | <core:init debug="@debug@" jndi-pattern="@jndiPattern@"/> | | <core:manager concurrent-request-timeout="500" | conversation-timeout="120000" | conversation-id-parameter="cid"/> | | <persistence:filter name="customerFilter" enabled="#{identity.loggedIn}"> | <persistence:name>customerFilter</persistence:name> | <persistence:parameters> | <key>customerId</key> | <value>#{customerId}</value> | </persistence:parameters> | </persistence:filter> | | <persistence:managed-persistence-context name="entityManager" | auto-create="true" | entity-manager-factory="#{knxseamEntityManagerFactory}"> | <persistence:filters> | <value>#{customerFilter}</value> | </persistence:filters> | </persistence:managed-persistence-context> | | <persistence:entity-manager-factory name="knxseamEntityManagerFactory" | persistence-unit-name="knxseam"/> | <security:identity authenticate-method="#{authenticator.authenticate}" | remember-me="true"/> | | <event type="org.jboss.seam.notLoggedIn"> | <action expression="#{redirect.captureCurrentView}"/> | </event> | <event type="org.jboss.seam.postAuthenticate"> | <action expression="#{redirect.returnToCapturedView}"/> | </event> | | <mail:mail-session host="localhost" port="2525" username="test" password="test" /> | | </components> | Here's my Authenticator code: | @Name("authenticator") | public class Authenticator { | @Logger | Log log; | | @In | EntityManager entityManager; | | public boolean authenticate() { | try { | UserAccount user = (UserAccount) entityManager | .createQuery( | "from UserAccount where name = :username and authenticationCredentials = :password") | .setParameter("username", Identity.instance().getUsername()) | .setParameter("password", Identity.instance().getPassword()) | .getSingleResult(); | if (user.getAuthoritieses() != null) { | for (Authorities role : user.getAuthoritieses()) { | log.info("adding role: #0 to user: #1", role.getAuthority(), Identity.instance().getUsername()); | Identity.instance().addRole(role.getAuthority()); | } | } | Identity.instance().addRole("admin"); | log.info("customer:#0", user.getCustomer().getCustomerId()); | log.info("Has Role: #0", (Identity.instance().hasRole("ROLE_RUN_LINK"))?"Yes":"No"); | log.info("has Role2: #0", (Identity.instance().hasRole("admin"))?"Yes":"No"); | Contexts.getSessionContext().set("customerId", user.getCustomer().getCustomerId()); | return true; | } catch (NoResultException ex) { | FacesMessages.instance().add("Invalid username/password"); | return false; | } | } | } | View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4061744#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...