Seam:使用外部SSO应用程序登录 [英] Seam: login using external SSO application

问题描述

我有一个Seam应用程序，必须使用外部应用程序登录.逻辑如下:

I have a Seam application that have to use an external one to login. The logic is as follows:

• 我的应用程序将用户发送到外部SSO URL
• 用户在此处进行身份验证
• 成功后，外部应用程序会使用随机令牌将用户重定向回我的应用程序
• 我的代码应使用所传递的令牌通过HTTP与外部应用程序联系，并获取完整的用户信息作为回报

非常简单.但是我被卡住了.

Pretty straightforward. But I'm stuck.

重定向即将到达/seam/resources/token.我打算从会话中获取身份，用令牌填充它并进行身份验证.但是在资源处理程序中，用户会话显然是不可见的:会话上下文为null. :(

The redirect is coming to /seam/resources/token. I intended to get Identity from the session, populate it with token, and authenticate. But in the resource handler the user session is apparently not visible: session context is null. :(

我尝试在那里执行LifeCycle.beginCall，并且从某种意义上说是可行的:身份验证逻辑有效，但是结果永远不会对用户可用(用户的会话仍然具有空的Identity).

I tried to do LifeCycle.beginCall there, and it works in a sense: authentication logic works, but the result never get available to the user (user's session still has empty Identity).

我该怎么办?

P.S.这或多或少是我的资源处理程序的完整代码.为简便起见，删除了日志记录和其他无关的东西.

P.S. Here is more or less complete code of my resource handler. Logging and other unrelated stuff removed for brevity.

@Scope(ScopeType.APPLICATION)
@Name("tokenResource")
// @BypassInterceptors
public class TokenResource extends AbstractResource {
    @Override
    public String getResourcePath() {
        return "/token";
    }

    @Override
    public void getResource(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
        String token = request.getParameter("token");

        // woot?
        Lifecycle.beginCall();

        Identity identity = Identity.instance(); 
        MyIdentity mid = (MyIdentity) identity;
        mid.setToken(token);
        mid.login();

        response.sendRedirect("/home.seam");
    }

推荐答案

您可以使用 JBoss Picketlink 与OpenID和Google集成.他们提供的捆绑软件中有几个示例，并且似乎可以直接将其与Seam一起使用.

You can use JBoss Picketlink to integrate with OpenID and Google. There are a couple of examples in the bundle they are offering and seems to be straight forward to use it with Seam.

唯一需要注意和注意的小事情是该项目处于早期阶段，因此可能会出现一些错误.

The only small thing to notice and take care is that the project is in early stages, so a few bugs can pop in.

这篇关于Seam:使用外部SSO应用程序登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！