Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Login procedure

 
Renat Zubairov
Greenhorn
Posts: 29
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All!
How is login/logout is typically done. I'm just chosing between two options:
1. Entity bean represents user and have a business methods is obtained via finder method with login and password and stored using Handle.
2. Statefull session bean do this (session facade), therefore it manage a session for user.
Which one do you prefer and why?
P.S. Two client types are exists (Web and Swing)
[ May 29, 2004: Message edited by: Renat Zubairov ]
 
Dushy Inguva
Ranch Hand
Posts: 264
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Renat,

You would protect the bean and authenticate from the web-tier(use web authentication) or the J2SE client side(use JAAS). (You would use container managed security)

You would not want to use any of the following approaches because:
1. Entity bean represents user and have a business methods is obtained via finder method with login and password and stored using Handle.

Entity bean's finder methods should not have login credentials. You will have a problem if a stateless session facade would want to use this entity bean.(You may have to send the credentials everytime)

2. Statefull session bean do this (session facade), therefore it manage a session for user.
Which one do you prefer and why?

It is generally good to minimize the usage of Stateful session beans for scalability constraints. And, if the thick client dies prematurely, there is no clean way of sending the Stateful Session bean back to pool.

Any other thoughts guys?

Dushy
[ June 02, 2004: Message edited by: Dushy Inguva ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic