I've been using the following quickstarts, modified:
- org.picketlink.quickstarts.picketlink-federation-saml-idp-basic
- org.picketlink.quickstarts.picketlink-authentication-form-with-jsf
The goal is to be able to @Inject an Identity and call getAccount(), as well as stuff like @Observes LoggedInEvent when using the SAML2LoginModule on Wildfly.
It doesn't seem to work. Identity.getAccount() always returns null, identity.isLoggedIn() is false, and @Observes LoggedInEvent is not triggered.
Are the two systems, IDM and SAML2LoginModule, not "integrated", for lack of a better word?
Sample JSF snippet:
<p>identity.account.loginName: #{identity.account.loginName}, this resource is protected. If you reach this page is because you're authenticated.</p>
<p>request.getUserPrincipal().getName(): #{request.getUserPrincipal().getName()} </p>
<p>identity.isLoggedIn(): #{identity.isLoggedIn()} </p>
results in:
identity.account.loginName: , this resource is protected. If you reach this page is because you're authenticated.
request.getUserPrincipal().getName(): tomcat
identity.isLoggedIn(): false
So request.getUserPrincipal().getName() is correct, but identity.account.loginName is null.
Is there a workaround, or some other way to "capture" SAML2 events and integrate it with IDM?
I can post all this on GitHub if it's helpful.
Thanks!