问题
As the title say, I created a class in the war layer that is annotated with @Picketlink. Note that I have an ear deployment structure (ejb, war).
The custom authenticator:
@PicketLink
public class PicketlinkAuthenticator extends BaseAuthenticator { }
If I put that class in the ejb layer, the authentication is ok but when I put it to the war layer it seems like it's not found by the project as it's throwing:
20:49:46,027 INFO [org.picketlink.common] (default task-10) Using logger implementation: org.picketlink.common.DefaultPicketLinkLogger
20:49:46,043 INFO [org.picketlink.idm] (default task-10) PLIDM001000: Bootstrapping PicketLink Identity Manager
20:49:46,068 WARN [org.picketlink.idm] (default task-10) PLIDM001101: Working directory [\tmp\pl-idm] is marked to be always created. All your existing data will be lost.
20:49:46,111 INFO [org.picketlink.idm] (default task-10) PLIDM001100: Using working directory [\tmp\pl-idm].
20:49:46,127 DEBUG [org.picketlink.idm] (default task-10) No partitions to load from \tmp\pl-idm\pl-idm-partitions.db
20:49:46,152 DEBUG [org.picketlink.idm] (default task-10) Initializing Partition [6a373282-0173-4b7d-bd6a-ff0e5dc43436] with id [6a373282-0173-4b7d-bd6a-ff0e5dc43436].
20:49:46,153 DEBUG [org.picketlink.idm] (default task-10) Loaded Agents for Partition [6a373282-0173-4b7d-bd6a-ff0e5dc43436].
20:49:46,154 DEBUG [org.picketlink.idm] (default task-10) Loaded Credentials for Partition [6a373282-0173-4b7d-bd6a-ff0e5dc43436].
Why not just move the authenticator to the ejb side? ->Because I'm throwing custom error like user expired, etc. I need jsf to post these error messages.
Why not move the picketlink dependency in the web layer? ->Because my account that extended the picketlink account is binded to my services.
As suggested here I already added the picketlink module in the war project: https://docs.jboss.org/author/display/PLINK/JBoss+Modules
<jboss-deployment-structure>
<ear-subdeployments-isolated>false</ear-subdeployments-isolated>
<sub-deployment name="THE-WAR-MODULE-THAT-REQUIRES-PICKETLINK.war">
<dependencies>
<module name="org.picketlink" />
</dependencies>
</sub-deployment>
</jboss-deployment-structure>
Anyway around this? I just want to show some custom errors :-(
回答1:
I was not able to solve this problem but I have a work-around solution and that is to move the picketlink module to the web layer and just pass the identity instance to the services that need it.
回答2:
I have been missing around with the same problem as well for a while now (it's 2016 now ...). What seems to make it work is to add the following CDI annotations:
@PicketLink
@Name
@RequestScoped
public class PicketlinkAuthenticator extends BaseAuthenticator { }
I would have expected the core Authentication Manager to pick this up just based on the @PicketLink Annotation, but without the CDI Annotations, the custom Authenticator class is never even loaded. Maybe there is an other way that will require us to bootstrap PicketLink - but I could not find any references.
来源:https://stackoverflow.com/questions/23632402/how-can-i-implement-picketlink-authenticator-in-the-war-layer