[jboss-user] [JBoss Seam] - Re: Seam 1.1.5, authentication, and writing an authenticatio
do-not-reply at jboss.com
Sat Feb 3 15:04:54 EST 2007
"gdaswani" wrote : Looking at the SEAM 1.1.5 documentation, and the SeamLoginModule - it's able to call a custom method as long as it's
| boolean (java.lang.String username, java.lang.String password, java.util.Set roles)
| This only works for username/password type authentication.. It would be nice if there was an extended method signature that allowed passing in on the HttpServletRequest
| ie.. Something like
| boolean (HttpServletRequest request, HttpServletResponse response, Set roles);
| the above is pretty useful when using it with single sign on systems (which usually pass tokens through a cookie, or a URL parameter, or even rig up some support for SPNEGO).
What Shane said.
But also note that the method that is being called is just a method of an ordinary Seam component. You can inject any state you like, and you can call FacesContext.getCurrentInstance().getExternalContext() to mess with HTTP stuff.
In fact, I'm still not sure that the username, password, and set of roles shouldn't be *injected* into the Authenticator object, rather than passed as parameters. But this way requires less code, so I guess its better.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4010493#4010493
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4010493
More information about the jboss-user