[jboss-user] [JBoss Seam] - Re: Seam 1.1.5, authentication, and writing an authenticatio

[gavin.king@jboss.com]

"gdaswani" wrote : Looking at the SEAM 1.1.5 documentation, and the SeamLoginModule - it's able to call a custom method as long as it's
  | 
  | boolean (java.lang.String username, java.lang.String password, java.util.Set roles)
  | 
  | This only works for username/password type authentication..  It would be nice if there was an extended method signature that allowed passing in on the HttpServletRequest
  | 
  | ie.. Something like
  | 
  | boolean (HttpServletRequest request, HttpServletResponse response, Set roles);
  | 
  | the above is pretty useful when using it with single sign on systems (which usually pass tokens through a cookie, or a URL parameter, or even rig up some support for SPNEGO).
  | 
  | 

What Shane said.

But also note that the method that is being called is just a method of an ordinary Seam component. You can inject any state you like, and you can call FacesContext.getCurrentInstance().getExternalContext() to mess with HTTP stuff.

In fact, I'm still not sure that the username, password, and set of roles shouldn't be *injected* into the Authenticator object, rather than passed as parameters. But this way requires less code, so I guess its better.


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4010493#4010493

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4010493