wood burning stoves 2.0*
The moose likes Other Application Frameworks and the fly likes Seam 2.1 Identity Management and SSO Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Other Application Frameworks
Bookmark "Seam 2.1 Identity Management and SSO" Watch "Seam 2.1 Identity Management and SSO" New topic
Author

Seam 2.1 Identity Management and SSO

Uchana Jackson
Ranch Hand

Joined: Dec 07, 2007
Posts: 37
Excellent book! I've been using Seam since 1.2 and this book is by far the best and most detailed I've read thus far (I have read three other Seam books). I especially appreciate the pics and tables (summarizes a lot of info quickly/easily); those should be added to the Seam ref docs. Very nice job on the editing, looks very clean so far! I use it for reference a lot now as well as the Seam ref docs. Index is very good as well.

Regarding section 11.1.3 A glimpse at Seam�s identity management, I need to get a better understanding of what you mean by "your authentication method
becomes history". I did build and deploy seamspace from 2.1.0.CR1 into EAP Jboss AS from JBDS 1.1.0.GA and got some deployment exceptions as listed here:

http://www.seamframework.org/Community/SeamspaceNotDeployingSuccessfully

Is there a better example on how Seam Id Management will integrate with JBossSSO or OpenID or OpenSSO, etc.?

Currently we are using NTLM with a custom authenticator class which authenticates the user first via NTLM and then authorizes via identity.addRole(). The method adds the role(s) the current user is in for that app to the Seam Identity session-scoped instance.

We have our own corporate Identity Management solution but we do not have a Role table in that schema. We'd like to keep it in a central db so we don't replicate the Member/User table and Role table for each Seam app. We'd also like to add an Application table such that the schema can be centralized (i.e., after authentication, we need to find all the roles this user is assigned to for this app). We have multiple field sites doing Seam development and so our distributed model makes things more complicated.

Will we be able to implement SSO with JBoss 4.2 and org.jboss.seam.security.management.JpaIdentityStore?? any examples showing how to accomplish this?

We're also concerned about the fact that we may not be able to use Seam Id Management until we upgrade to EAP 5.0 (if 2.1 is included in that release).

Here is a related Q&A from Pete Muir's blog:

I am starting a new seam project that will release into production within 3 months. Can I safely start with Seam 2.1 with confidence that the beta cycle will be complete by year's end?

yes ;-) The Seam 2.1.0.GA release will be available in the next month or so. There will be follow on releases that focus on specific improvements 2.1.1 (increased performance) and 2.1.2 (SSO support). These should be drop in replacements for 2.1.0.


http://in.relation.to/Bloggers/Pete


SCJP 1.4<br />SCBCD 5
Jason Porter
Ranch Hand

Joined: Apr 26, 2007
Posts: 120
Originally posted by Uchana Jackson:

Regarding section 11.1.3 A glimpse at Seam�s identity management, I need to get a better understanding of what you mean by "your authentication method
becomes history".


Take a look at the Seam reference chapter 15 section 4 for more information. When Dan finished Seam in Action this portion was still being actively developed, so the book is a little sparse on actual implementation and details.


Is there a better example on how Seam Id Management will integrate with JBossSSO or OpenID or OpenSSO, etc.?


Couple of JIRA issues for you, unfortunately it looks like they've slipped a little from 2.1.0

https://jira.jboss.org/jira/browse/JBSEAM-1032

https://jira.jboss.org/jira/browse/JBSEAM-2654

Also be sure to watch http://in.relation.to for other announcements.


Currently we are using NTLM with a custom authenticator class which authenticates the user first via NTLM and then authorizes via identity.addRole(). The method adds the role(s) the current user is in for that app to the Seam Identity session-scoped instance.

We have our own corporate Identity Management solution but we do not have a Role table in that schema. We'd like to keep it in a central db so we don't replicate the Member/User table and Role table for each Seam app. We'd also like to add an Application table such that the schema can be centralized (i.e., after authentication, we need to find all the roles this user is assigned to for this app). We have multiple field sites doing Seam development and so our distributed model makes things more complicated.

Will we be able to implement SSO with JBoss 4.2 and org.jboss.seam.security.management.JpaIdentityStore?? any examples showing how to accomplish this?


See link above.
Dan Allen
Author
Ranch Hand

Joined: Mar 05, 2003
Posts: 164
Regarding section 11.1.3 A glimpse at Seam�s identity management, I need to get a better understanding of what you mean by "your authentication method becomes history".


What I mean is that if you are using generic database-based or LDAP-based authentication, and it's capable of being mapped into Seam's new identity management framework, then you don't need to write an authentication method because Seam provides one for you. What was once:



is replaced by a variety of other configurations documented in the security chapter of the reference documentation.


Dan Allen | http://mojavelinux.com | Author of Seam in Action - http://mojavelinux.com/seaminaction
Dan Allen
Author
Ranch Hand

Joined: Mar 05, 2003
Posts: 164
Excellent book! I've been using Seam since 1.2 and this book is by far the best and most detailed I've read thus far (I have read three other Seam books). I especially appreciate the pics and tables (summarizes a lot of info quickly/easily); those should be added to the Seam ref docs. Very nice job on the editing, looks very clean so far! I use it for reference a lot now as well as the Seam ref docs. Index is very good as well.


Thank you for your kind words of praise. My wife will also be happy to know that you like the index, since she did a lot of that work Would you be willing to post this comment as a review on Amazon.com or BarnesAndNoble.com? I know, I am such a glutton for reviews, but know that I genuinely want other people to benefit from the information I stuffed into this book as well...and they need to know it's going to be worth their while.
Dan Allen
Author
Ranch Hand

Joined: Mar 05, 2003
Posts: 164
Will we be able to implement SSO with JBoss 4.2 and org.jboss.seam.security.management.JpaIdentityStore?? any examples showing how to accomplish this?


These features are forthcoming, likely in Seam 2.1.

We're also concerned about the fact that we may not be able to use Seam Id Management until we upgrade to EAP 5.0 (if 2.1 is included in that release).


JBoss now has the idea of feature packs so that you can upgrade Seam w/o having to upgrade your application server.
Uchana Jackson
Ranch Hand

Joined: Dec 07, 2007
Posts: 37
Thank you for your kind words of praise. My wife will also be happy to know that you like the index, since she did a lot of that work Would you be willing to post this comment as a review on Amazon.com or BarnesAndNoble.com? I know, I am such a glutton for reviews, but know that I genuinely want other people to benefit from the information I stuffed into this book as well...and they need to know it's going to be worth their while.


You seem like a genuinely nice and helpful guy. Don't worry, i'll write a very good review for you soon...

<From Mark Spritzler: I removed a not nice comment from your post. Remember the #1 rule at JavaRanch. Be Nice.>
[ October 30, 2008: Message edited by: Mark Spritzler ]
Uchana Jackson
Ranch Hand

Joined: Dec 07, 2007
Posts: 37
Sorry, the ugly comment was not about Dan.

I have just posted a very *NICE* review of Seam in Actin on amazon. Enjoy.
Mark Spritzler
ranger
Sheriff

Joined: Feb 05, 2001
Posts: 17250
    
    6

Originally posted by Uchana Jackson:
Sorry, the ugly comment was not about Dan.

I have just posted a very *NICE* review of Seam in Actin on amazon. Enjoy.


I concur, it was someone else completely.

Just to note, no matter who it was, I would have removed the comment.

Mark


Perfect World Programming, LLC - Two Laptop Bag - Tube Organizer
How to Ask Questions the Smart Way FAQ
 
Consider Paul's rocket mass heater.
 
subject: Seam 2.1 Identity Management and SSO