Click here to Skip to main content
12,829,103 members (36,777 online)
Click here to Skip to main content
Add your own
alternative version

Tagged as


Posted 14 Jun 2013

How to Setup seam3-Security in JBoss 7

, 14 Jun 2013 GPL3
Rate this:
Please Sign up or sign in to vote.
Setup Seam3-security in JBoss 7


Recently, I've done some research on several Java Security Frameworks that can perform authentication, authorization and cryptography.

I've worked with Apache Shiro, it's really good and complete but I've found several problems like there's no default implementation for CDI interceptor for security annotations. Here's a sample implementation and setup that I did long ago.

And long time ago, I've used seam2-security and now I'm trying with seam3, here goes.

  1. I started by creating a javaee6 project generated from jboss maven archetype (ear type). This could also be done on a war type project of course (where the ejbs are in ejb project).
  2. In your main project maven's dependencyManagement section, add:

    This will ensure that we are using the correct seam-jar versions across our projects.

  3. And in the ejb project maven's dependencies section, add seam3-security dependency:
  4. In web project, create a beans.xml file in WEB-INF folder. This file is also required for CDI to work. And here we define the interceptor:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="" 
     xmlns:s="urn:java:ee" xmlns:security=""
      <s:modifies />
  5. Then we have to define the interceptor class:
    import javax.enterprise.inject.Model;
    import javax.inject.Inject;
    import org.picketlink.idm.impl.api.PasswordCredential;
    import org.picketlink.idm.impl.api.model.SimpleUser;
    public class Authenticator extends BaseAuthenticator {
     Credentials credentials;
     public Authenticator() {
     public void authenticate() {
      System.out.println("logging in: " + credentials.getUsername());
      if ("demo".equals(credentials.getUsername())
        && credentials.getCredential() instanceof PasswordCredential
        && "demo".equals
        (((PasswordCredential) credentials.getCredential()).getValue())) {
       setUser(new SimpleUser("demo"));
  6. To hide a component in the UI, you can use identity.hasPermission or identity.hasRole.
  7. You can download the source code from Google code.


This article, along with any associated source code and files, is licensed under The GNU General Public License (GPLv3)


About the Author

Edward Legaspi
Software Developer (Senior) Manaty
Philippines Philippines
As a programmer, I've worked on a wide variety of software development projects that had been deployed on different platforms (web, mobile, desktop). Although I learned and use an array of programming languages such as JavaEE6,, seam, php, android, xcode, etc. It's always been my favorite and priority to work with JavaEE6 and with the latest development they have (JavaEE6, MVC3, EF4). My expertise lies not only in programming but on software and database design as well, this is because I've been involved in the design of several custom software applications from scratch. Over the years I've worked on different positions like Developer, Software Engineer, Team Lead, Technical Lead and Project Manager, these experiences made me flexible and effective in the IT Industry.

You may also be interested in...

Comments and Discussions

-- There are no messages in this forum --
Permalink | Advertise | Privacy | Terms of Use | Mobile
Web01 | 2.8.170326.1 | Last Updated 14 Jun 2013
Article Copyright 2013 by Edward Legaspi
Everything else Copyright © CodeProject, 1999-2017
Layout: fixed | fluid