3

I'm trying to implement JSF authentication with PickeLink 2.6.0 (EAR, Wildfly 8.1.0), as shown in the PicketLink 'picketlink-authentication-jsf' quickstart. I provided an authentication marked with the @PicketLink annotation, but Identity.login() always returns FAILED. This is my JSF form:

    <h:form>
        <h:panelGrid styleClass="full">
            <h:inputText value="#{loginCredentials.userId}" required="true"
                pt:placeholder="Username" />
            <h:inputSecret value="#{loginCredentials.password}" required="true"
                pt:placeholder="Password" />
            <h:commandButton value="Login" action="#{loginAction.login()}" />
        </h:panelGrid>
    </h:form>

This is my LoginAction bean in the WAR module:

import java.util.logging.Logger;
import javax.enterprise.context.RequestScoped;
import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import javax.inject.Inject;
import javax.inject.Named;
import org.picketlink.Identity;
import org.picketlink.Identity.AuthenticationResult;
import org.picketlink.credential.DefaultLoginCredentials;

@RequestScoped
@Named
public class LoginAction {

    @Inject
    private Identity identity;
    @Inject
    private DefaultLoginCredentials credentials;

    protected Logger log = Logger.getLogger(this.getClass().getSimpleName());

    public void login() {
        this.log.info(String.format("%s => %s", this.credentials.getUserId(), this.credentials.getPassword()));  // Does get printed!
        AuthenticationResult result = this.identity.login();
        this.log.info(result.toString());

        if (AuthenticationResult.FAILED.equals(result)) {
            FacesContext.getCurrentInstance().addMessage(
                    null,
                    new FacesMessage(FacesMessage.SEVERITY_ERROR,
                            "Authentication was unsuccessful.  Please check your username and password "
                                    + "before trying again.", ""));
        }
    }
}

And my Authenticator in the EJB module:

import java.util.logging.Logger;    
import javax.inject.Inject;    
import org.picketlink.annotations.PicketLink;
import org.picketlink.authentication.BaseAuthenticator;
import org.picketlink.credential.DefaultLoginCredentials;

@PicketLink
public class Authenticator extends BaseAuthenticator {

    @Inject
    private DefaultLoginCredentials credentials;
    @Inject
    private ApplicationAuthenticator applicationAuthenticator;

    protected Logger log = Logger.getLogger(this.getClass().getSimpleName());

    @Override
    public void authenticate() {
        this.log.info("authenticate"); // Not printed!
        this.log.info(String.format("%s => %s", this.credentials.getUserId(), this.credentials.getPassword()));

        ProcessResult auth = this.applicationAuthenticator.authUser(
                this.credentials.getUserId(), this.credentials.getPassword());
        this.log.info(auth.toString());

        if (auth.getResult()) {
            this.setStatus(AuthenticationStatus.SUCCESS);
            this.log.info(AuthenticationStatus.SUCCESS.toString());
        } else {
            this.setStatus(AuthenticationStatus.FAILURE);
            this.log.info(AuthenticationStatus.FAILURE.toString());
        }
    }

}

Looks as if my Authenticator is not called at all. This is what I get from the log:

12:25:00,093 INFO  [LoginAction] (LoginAction.java:27) defaultuser => defaultpass
12:25:00,105 INFO  [idm] (DefaultPartitionManager.java:165) PLIDM001000: Bootstrapping PicketLink IDM Partition Manager
12:25:00,107 INFO  [store] (AbstractIdentityStore.java:50) PLIDM001001: Initializing Identity Store [class org.picketlink.idm.file.internal.FileIdentityStore]
12:25:00,110 WARN  [file] (FileDataSource.java:173) PLIDM001101: Working directory [C:\Users\JPANGA~1\AppData\Local\Temp\pl-idm] is marked to be always created. All your existing data will be lost.
12:25:00,165 INFO  [file] (FileDataSource.java:180) PLIDM001100: Using working directory [C:\Users\JPANGA~1\AppData\Local\Temp\pl-idm].
12:25:00,252 INFO  [LoginAction] (LoginAction.java:29) FAILED

The PicketLinks jars are at $EAR_ROOT/lib.

I read the docs at http://docs.jboss.org/picketlink/2/latest/reference/html-single/ and it looks like I'm not missing anything. Why can't I get my Authenticator to work?

jpangamarca
  • 713
  • 2
  • 13
  • 33

1 Answers1

3

After getting more familiar with CDI I realized my silly mistake (the answer wasn't in PLINK docs, but in EE docs). All I needed was to add

@Named
@RequestScoped

to the bean. It still won't work without setting the account after setting the authentication status (I missed that):

this.setStatus(AuthenticationStatus.SUCCESS);
this.setAccount(new User(username)); // <-- don't miss this!
jpangamarca
  • 713
  • 2
  • 13
  • 33
  • To be clear - add the CDI Annotations to the custom `Authenticator`. However one would expect PicketLink bootstrapping would automatically pick it up based on the `@PicketLink` Annotation. [Similar issue](http://stackoverflow.com/q/23632402/744133) – YoYo Jul 17 '16 at 14:41
  • Yeah, the problem was the bean discovery mode, it was set to "annotated". – jpangamarca Jul 17 '16 at 15:05
  • That is fine, but without annotation, you would have to add that in the bean.xml, and reference docs also do not have any reference to that. Either way I think we are still missing a piece of information which we need to hear from from the original developers. – YoYo Jul 17 '16 at 17:22