[jboss-user] [JBoss Seam] - Re: Identity.hasRole()...

garypinkham do-not-reply at jboss.com
Sun Jul 8 12:52:32 EDT 2007


First, I realized the subject said Instance.hasRole() instead of Identity. That was just a typo in the forum by me.

So I have followed all the instructions and I can't seem to find where I'm going wrong. It's basic security, no Drools. Seamgen created the components.xml with a basic Drools file. I tried with and without that file, with @In Identity, with Identity ident = Identity.instance() and with Identity.instance() everywhere.

This is Seam 2.0Beta with JBoss 4.2.0GA.    Windows XP and M$SQL Server for the DB.   

Funny thing is I used seam generate-entities which enables security for the Edit actions on entities.   This works just fine with my Authenticator module so I'm guessing I'm doing something right. :-)

By the way, does anyone know what the security is for the edit pages created by generate-entity? Is it loggedIn, or hasRole("admin")?

Many Thanks!!!
Gary

Here's the output of log.info messages:

  | 12:42:01,392 INFO  [Authenticator] adding role: ROLE_VIEW to user: superuser
  | 12:42:01,392 INFO  [Authenticator] adding role: ROLE_RUN_LINK to user: superuser
  | 12:42:01,392 INFO  [Authenticator] customer:3
  | 12:42:01,392 INFO  [Authenticator] Has Role: No
  | 12:42:01,392 INFO  [Authenticator] has Role2: No
  | 

Here's my Components.xml:


  | <?xml version="1.0" encoding="UTF-8"?>
  | <components xmlns="http://jboss.com/products/seam/components"
  |             xmlns:core="http://jboss.com/products/seam/core"
  |             xmlns:persistence="http://jboss.com/products/seam/persistence"
  |             xmlns:drools="http://jboss.com/products/seam/drools"
  |             xmlns:security="http://jboss.com/products/seam/security"
  |             xmlns:mail="http://jboss.com/products/seam/mail"
  |             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  |             xsi:schemaLocation=
  |                 "http://jboss.com/products/seam/core http://jboss.com/products/seam/core-2.0.xsd 
  |                  http://jboss.com/products/seam/persistence http://jboss.com/products/seam/persistence-2.0.xsd 
  |                  http://jboss.com/products/seam/drools http://jboss.com/products/seam/drools-2.0.xsd
  |                  http://jboss.com/products/seam/security http://jboss.com/products/seam/security-2.0.xsd
  |                  http://jboss.com/products/seam/mail http://jboss.com/products/seam/mail-2.0.xsd
  |                  http://jboss.com/products/seam/components http://jboss.com/products/seam/components-2.0.xsd">
  | 
  |    <core:init debug="@debug@" jndi-pattern="@jndiPattern@"/>
  |      
  |    <core:manager concurrent-request-timeout="500" 
  |                  conversation-timeout="120000" 
  |                  conversation-id-parameter="cid"/>
  |                  
  |    <persistence:filter name="customerFilter" enabled="#{identity.loggedIn}">
  |         <persistence:name>customerFilter</persistence:name>
  |         <persistence:parameters>
  |             <key>customerId</key>
  |             <value>#{customerId}</value>
  |         </persistence:parameters>
  |     </persistence:filter>
  |     
  |    <persistence:managed-persistence-context name="entityManager"
  |                                      auto-create="true"
  |                           entity-manager-factory="#{knxseamEntityManagerFactory}">
  |         <persistence:filters>
  |         	<value>#{customerFilter}</value>
  |         </persistence:filters>
  |     </persistence:managed-persistence-context>
  | 
  |    <persistence:entity-manager-factory name="knxseamEntityManagerFactory" 
  |                       persistence-unit-name="knxseam"/>
  |    <security:identity authenticate-method="#{authenticator.authenticate}"
  |                               remember-me="true"/>
  |                               
  |    <event type="org.jboss.seam.notLoggedIn">
  |        <action expression="#{redirect.captureCurrentView}"/>
  |    </event>
  |    <event type="org.jboss.seam.postAuthenticate">
  |        <action expression="#{redirect.returnToCapturedView}"/>
  |    </event>
  |    
  |    <mail:mail-session host="localhost" port="2525" username="test" password="test" />
  |               
  | </components>
  | 

Here's my Authenticator code:

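  | import javax.persistence.EntityManager;
  | import javax.persistence.NoResultException;
  | 
  | import org.jboss.seam.annotations.In;
  | import org.jboss.seam.annotations.Logger;
  | import org.jboss.seam.annotations.Name;
  | import org.jboss.seam.contexts.Contexts;
  | import org.jboss.seam.faces.FacesMessages;
  | import org.jboss.seam.log.Log;
  | import org.jboss.seam.security.Identity;
  | 
  | // UserAccount and Authorities are the application's own entity classes;
  | // their imports are not shown in the post.
  | @Name("authenticator")
  | public class Authenticator {
  |     @Logger
  |     Log log;
  | 
  |     @In
  |     EntityManager entityManager;
  | 
  |     public boolean authenticate() {
  |         try {
  |             // Look up the account matching the submitted username and password.
  |             UserAccount user = (UserAccount) entityManager
  |                     .createQuery(
  |                             "from UserAccount where name = :username and authenticationCredentials = :password")
  |                     .setParameter("username", Identity.instance().getUsername())
  |                     .setParameter("password", Identity.instance().getPassword())
  |                     .getSingleResult();
  |             // Copy each stored authority onto the identity as a role.
  |             if (user.getAuthoritieses() != null) {
  |                 for (Authorities role : user.getAuthoritieses()) {
  |                     log.info("adding role: #0 to user: #1", role.getAuthority(), Identity.instance().getUsername());
  |                     Identity.instance().addRole(role.getAuthority());
  |                 }
  |             }
  |             Identity.instance().addRole("admin");
  |             log.info("customer:#0", user.getCustomer().getCustomerId());
  |             // Debug output: check the roles that were just added.
  |             log.info("Has Role: #0", (Identity.instance().hasRole("ROLE_RUN_LINK")) ? "Yes" : "No");
  |             log.info("has Role2: #0", (Identity.instance().hasRole("admin")) ? "Yes" : "No");
  |             // Expose the customer id in the session for the customerFilter parameter in components.xml.
  |             Contexts.getSessionContext().set("customerId", user.getCustomer().getCustomerId());
  |             return true;
  |         } catch (NoResultException ex) {
  |             FacesMessages.instance().add("Invalid username/password");
  |             return false;
  |         }
  |     }
  | }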
  | 


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4061744#4061744
