This is a quick one:
When you want to login a user programmatically without checking if the credentials are right or the user is in the IdentityStore with Seam 2, that is pretty easy.
final Principal principal = new SimplePrincipal("username"); identity.acceptExternallyAuthenticatedPrincipal(principal); identity.authenticate(); |
This will override the Seam 2 Security Framework authentication mechanism and a user with the given username will be logged in, even if the user is not in the IdentityStore of the Application.
I use this regularly when I have some sort of administration interface where I cannot use the default IdentityStore of the application. In this case I provide an own implementation of the required authentication mechanism and just log in the the user with the approach described above. When doing this I add a role to the logged in user (via identity.addRole("myRole")
), so I can use all the Seam goodies like the Authorization Annotations (@Restrict
) or checks like Identity.loggedIn
.
Nice info, just what I was looking for. Thanks.