Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

login question

 
Saha Kumar
Ranch Hand
Posts: 218
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello All,

A pre-condition for all use cases requires that the user be logged in. Does this mean that the user must be logged in before the use case starts? For example, in the Prepare Itinerary UC, must the user be logged in while selecting the flights? Is there flexability here?

The reason for concern here is:

The prepare itinerary UC has said that the user must be logged in before confirming the itinerary. If the user is not logged in, the user will log in, and the 'itinerary confirmation window with selected flights' be presented. This is the same window the user was on before the login page was presented. This sequence is not supported by form-based login nor the petstore example. I am hoping for some flexibility in requirement interpretation.

Any responses are kindly welcomed.

-Saha

 
Thomas Taeger
Ranch Hand
Posts: 311
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Saha Kumar:
A pre-condition for all use cases requires that the user be logged in. Does this mean that the user must be logged in before the use case starts? For example, in the Prepare Itinerary UC, must the user be logged in while selecting the flights? Is there flexability here?

In theory: yes, as allready argued in your posting http://www.coderanch.com/t/154589/java-Architect-SCEA/certification/UML

Originally posted by Saha Kumar:
This sequence is not supported by form-based login

... and even worse: standard form-based login in case of Java/GUI-clients is vendor specific, is performd transparently and therefore in my oppionion must be separated from business workflow like presenting a list of ..., so there is no chance to follow the usecase literally if we do not want to spend more effort on the simple user id / password login than on the rest of the exam.

What do others think?

Thomas
 
Saha Kumar
Ranch Hand
Posts: 218
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Thomas,

Thanks very much for the post. In the past, I have implemented J2EE security on a number of projects, and recognize its short-comings. The choice of security for a J2EE application is an architecture call. When considering how to meet the security requirements for this certificate, I just kept in mind that, if possible, try not to reinvent the wheel.

-Saha
 
Thomas Taeger
Ranch Hand
Posts: 311
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Saha,
Originally posted by Saha Kumar:
... for this certificate, I just kept in mind that, if possible, try not to reinvent the wheel.

I totally agree. I just rely on the default login behaviour that even may be vendor specific for Java/GUI clients.

But does that mean that you also ignore the business requirement of what I called "presenting a list of ..." on "Customer not logged on"?

Thomas
 
Saha Kumar
Ranch Hand
Posts: 218
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Thomas,

I am not ignoring the alternate flow of 'User not logged in'.

I will put that in.

I will also abide by the pre-condition that the user be logged in.

One way is user's session timed-out.

-Saha
 
Thomas Taeger
Ranch Hand
Posts: 311
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Saha Kumar:
I will also abide by the pre-condition that the user be logged in.
One way is user's session timed-out.


Hi Saha,
now it becomes interesting: The pre-condition had been true on entering the usecase but is not true any longer because of say time out.

I never thought about that, but indeed a pre-condition is not an invariant.

All the same I probabely will let the default security mechanisms of the web and the EJB container enforce the default login.

Good luck,
Thomas
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic