This is a quick one:
When you want to login a user programmatically without checking if the credentials are right or the user is in the IdentityStore with Seam 2, that is pretty easy.
final Principal principal = new SimplePrincipal("username"); identity.acceptExternallyAuthenticatedPrincipal(principal); identity.authenticate();
This will override the Seam 2 Security Framework authentication mechanism and a user with the given username will be logged in, even if the user is not in the IdentityStore of the Application.
I use this regularly when I have some sort of administration interface where I cannot use the default IdentityStore of the application. In this case I provide an own implementation of the required authentication mechanism and just log in the the user with the approach described above. When doing this I add a role to the logged in user (via
identity.addRole("myRole")), so I can use all the Seam goodies like the Authorization Annotations (
@Restrict) or checks like