Clever Geek Handbook

Automatically enter passwords using credentials

I successfully created a project using seam credentials for authentication, but now some requirements are changing (as usual) and I need to authenticate the user automatically. See example below:

the user calls the page: http: // server: port / project / index.jsp? parameter = xyz . This page should call the seam component and get the parameter to populate the credentials.us id, but it doesn't work as expected.

my pages.xml:

<page view-id="*" action="#{authenticator.authenticate}" >
    <rewrite pattern="/index/{cpf}" />
    <rewrite pattern="/home/{cpf}" />
    <param name="#{credentials.username}" value="123456" />
    <param name="authenticator.teste" value="#{param['cpf']}" />
    <param name="cpf" value="#{param['cpf']}" />
    <param name="token" value="#{param['cpf']}" />
    <navigation >
        <rule if-outcome="home">
            <redirect view-id="/home.xhtml" />
        </rule>
        <rule if-outcome="index">
            <redirect view-id="#{authenticator.authenticate}" include-page-params="true" />
        </rule>
    </navigation>
</page>

my authenticatorBean (a lot of tests here, I've tried everything):

@Stateless
@Name("authenticator")
public class AuthenticatorBean implements Authenticator {

    @Out String token;
    @Out String cpf;
    @Out String xyz;
    @Out String teste;

    @Logger private Log log;
    @In EntityManager entityManager;
    @In Identity identity;
    @In Credentials credentials;
    public boolean authenticate() {

        System.out.println(credentials.getUsername());

        System.out.println(cpf);
        System.out.println(xyz);
        System.out.println(teste);


        @SuppressWarnings("unused")
        FacesContext fcx = FacesContext.getCurrentInstance();
        String cpf = fcx.getExternalContext().getRequestContextPath();
        String cpf2 = fcx.getExternalContext().getRequestParameterMap().get("token");
        String cpf21 = fcx.getExternalContext().getRequestParameterMap().get("cpf");
        String cpf22 = fcx.getExternalContext().getRequestParameterMap().get("xyz");
        String cpf23 = fcx.getExternalContext().getRequestParameterMap().get("teste");
        String cpf3 = fcx.getExternalContext().getInitParameter("cpf");
        String cpf4 = fcx.getExternalContext().getRequestPathInfo();
        String cpf5 = fcx.getExternalContext().getRequestServletPath();
        Object cpf6 = fcx.getExternalContext().getRequest();
        Object cpf7 = fcx.getExternalContext().getContext();
        Object cpf8 = fcx.getExternalContext().getRequestMap();
        Object cpf9 = fcx.getExternalContext().getRequestParameterNames();

        log.info("authenticating {0}", credentials.getUsername());
        Usuario usuario = (Usuario) entityManager.createQuery("select u from Usuario u where u.cpf = :cpf")
        .setParameter("cpf", credentials.getUsername())
        .getSingleResult();

        log.info("authenticating {0}", credentials.getUsername());

        if (usuario != null) {
             identity.addRole("admin");
             return Boolean.TRUE;
        }

        return false;
    }

}

Can anyone help me? i cant get parameter in authenticatorBean

Thank!

+2


source to share


3 answers


it's pretty simple. See below:

PAGES.XML

<page view-id="/home.xhtml">
        <action execute="#{identity.login}" if="#{not identity.loggedIn}" />
        <param name="username" />
        <navigation from-action="#{identity.login}">
            <rule if="#{identity.loggedIn}">
                <redirect view-id="/home.xhtml"/>
            </rule>
            <rule if="#{not identity.loggedIn}">
                <redirect view-id="/error.xhtml"/>
            </rule>
        </navigation>
    </page>


As you can see, I declare the parameter username and when the client enters the url " http: // host: port / project / home.seam? Username = xyz , the parameter gets the username variable in the seam component:

@Logger private Log log;

@In(required = true)
private String username;

@In(required=false, scope=ScopeType.SESSION)
Usuario usuario;

@In @Out
Identity identity;

@In @Out
Credentials credentials;

public boolean authenticate(){

    log.info("authenticating {0}", username);

    try {

        UsuarioBean usuarioBean = (UsuarioBean) Component.getInstance(UsuarioBean.class, true);
        usuario = usuarioBean.validaUsuario(username);

        if (usuario == null){
            throw new AuthorizationException("login failed");
        }else{
            credentials.setUsername(usuario.getNome());
            return Boolean.TRUE;
        }

    }catch(Exception e){
        log.error("falha na autenticação do usuario {0} : {1}", username, e.getCause().toString());
        throw new AuthorizationException("login failed");
    }

}

I hope this information is helpful to you. Good luck!

+2


source


This Seam FAQ shows you how to access the HttpServletRequest object.

The HttpServletRequest object has a method named getRemoteUser ().

This open source library, http://spnego.sourceforge.net , will enable your application server to perform integrated Windows / sso authentication.



It is installed as a servlet filter.

In the web.xml file, define the filter to run before any Seam material.

+1


source


I ran into a similar problem, although there is no page in my case:

Seam: login using external SSO application

I see you have taken a different route.

What I am currently considering is to make a JSF page that will accept my parameter, save, to generate values ​​via JS and autosubmit. it's ugly, but it should work.

0


source






More articles:


All Articles