PicketLink Facebook Connector is available as part of the PicketLink Social Project.
It can be used in Apache Tomcat and JBoss Application Server.
FacebookAuthenticator
FQN: org.picketlink.social.facebook.FacebookAuthenticator
Configuration
Configuration is done in a context.xml file.
Tomcat: Place it in META-INF of your war.
JBoss: Place it in WEB-INF of your war.
The configuration items are:
- clientID (also known as App ID in the Facebook Developer Console)
- clientSecret (also known as Application Secret in the Facebook Developer Console)
- returnURL: URL of your application where the Facebook redirect has to happen (keep it the same as the URL of your application)
- scope: can be "email" or "email,read_stream". More info: http://developers.facebook.com/docs/authentication/permissions/
- roleString: a comma-separated list of string values that represent the roles the user should have so that the web application's security constraints are met
<Context>
  <Valve className="org.picketlink.social.facebook.FacebookAuthenticator"
         returnURL="http://localhost:8080/j/"
         scope="email"
         clientID="193791...66726"
         clientSecret="b6d74...1989d9f45c270c5bac6"
         roleString="JBossAdmin"/>
</Context>
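A pre-deployment check for the valve configuration above, as an added example (not PicketLink code): it parses a context.xml and reports missing configuration items, a returnURL that differs from the application URL, and two assumed review policies (plain http only on local hosts, scopes beyond "email" flagged). The function name check_context, the app_url parameter and the sample values are assumptions of this example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

VALVE_CLASS = "org.picketlink.social.facebook.FacebookAuthenticator"
REQUIRED = ("clientID", "clientSecret", "returnURL", "scope", "roleString")
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}

def check_context(xml_text, app_url=None):
    """Return review findings for the FacebookAuthenticator valve in a context.xml."""
    valves = [v for v in ET.fromstring(xml_text).iter("Valve")
              if v.get("className") == VALVE_CLASS]
    if not valves:
        return ["no FacebookAuthenticator valve found"]
    findings = []
    for valve in valves:
        attrs = {name: (valve.get(name) or "").strip() for name in REQUIRED}
        findings += [f"missing or empty attribute: {n}" for n, v in attrs.items() if not v]
        url = urlparse(attrs["returnURL"])
        # Assumed policy: plain http is tolerated only for local development hosts.
        if url.scheme == "http" and url.hostname not in LOCAL_HOSTS:
            findings.append("returnURL uses http on a non-local host")
        # The page says returnURL should equal the application's own URL.
        if app_url and attrs["returnURL"].rstrip("/") != app_url.rstrip("/"):
            findings.append("returnURL differs from the application URL")
        # Assumed policy: anything beyond "email" deserves a second look.
        extra = [s.strip() for s in attrs["scope"].split(",") if s.strip() not in ("", "email")]
        if extra:
            findings.append("scope requests more than email: " + ",".join(extra))
        if attrs["roleString"] and not all(r.strip() for r in attrs["roleString"].split(",")):
            findings.append("roleString contains an empty role name")
    return findings

# Constructed sample inputs; the IDs and secrets are placeholders, not real values.
GOOD = """<Context>
  <Valve className="org.picketlink.social.facebook.FacebookAuthenticator"
         returnURL="http://localhost:8080/j/" scope="email"
         clientID="APP_ID_PLACEHOLDER" clientSecret="APP_SECRET_PLACEHOLDER"
         roleString="JBossAdmin"/>
</Context>"""
BAD = """<Context>
  <Valve className="org.picketlink.social.facebook.FacebookAuthenticator"
         returnURL="http://app.example.com/j/" scope="email,read_stream"
         clientID="APP_ID_PLACEHOLDER" clientSecret=""
         roleString="JBossAdmin,"/>
</Context>"""

if __name__ == "__main__":
    for label, text in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, check_context(text))
```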
JBoss AS specific configuration
In my example web application (which was named j.war and was a copy of jmx-console.war), I had the following jboss-web.xml:
<jboss-web>
  <security-domain>facebook</security-domain>
</jboss-web>
Now in conf/login-config.xml, I defined the login modules.
<application-policy name="facebook">
  <authentication>
    <login-module code="org.picketlink.social.facebook.FacebookLoginModule"
                  flag="required"/>
  </authentication>
</application-policy>