I have a Seam application that have to use an external one to login. The logic is as follows:
- My app开发者_如何学编程 sends user to external SSO URL
- User does what it takes to authenticate there
- On success, the external app redirects user back to my app with a random token
- My code should contact the external app via HTTP with the passed token and get complete user information in return
Pretty straightforward. But I'm stuck.
The redirect is coming to /seam/resources/token. I intended to get Identity from the session, populate it with token, and authenticate. But in the resource handler the user session is apparently not visible: session context is null. :(
I tried to do LifeCycle.beginCall there, and it works in a sense: authentication logic works, but the result never get available to the user (user's session still has empty Identity).
What do I do wrong?
P.S. Here is more or less complete code of my resource handler. Logging and other unrelated stuff removed for brevity.
@Scope(ScopeType.APPLICATION)
@Name("tokenResource")
// @BypassInterceptors
public class TokenResource extends AbstractResource {
@Override
public String getResourcePath() {
return "/token";
}
@Override
public void getResource(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
String token = request.getParameter("token");
// woot?
Lifecycle.beginCall();
Identity identity = Identity.instance();
MyIdentity mid = (MyIdentity) identity;
mid.setToken(token);
mid.login();
response.sendRedirect("/home.seam");
}
Perhaps outject the identity back to Session context?
You can use JBoss Picketlink to integrate with OpenID and Google. There are a couple of examples in the bundle they are offering and seems to be straight forward to use it with Seam.
The only small thing to notice and take care is that the project is in early stages, so a few bugs can pop in.
精彩评论