• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Tim Cooke
  • Devaka Cooray
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Rob Spoor
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
Bartenders:
  • Carey Brown
  • Roland Mueller

Share my WebApp Security implementations experience

 
Ranch Hand
Posts: 117
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
After I read HFB Sercurity chapter, I want to discuss it with you about this:

I have 2 years experience of developing a web application using struts, for authentication and authorization, we store the user (user name / password) and the user-role in Database.

Authentication (in Action class):


We use this approach to do Authentication and Authorization, I think it is a good approach so far. Since I use database to store the security info, I can modify it at run time. In addtion, this approach did not tie to any vendor product, so this will work no matter I use Tomcat or other web container.

I just wonder what's the advantange of using the J2EE Security mechanism describe in HFB ? (I found there are many vendor-specific configs, like setting tomcat-user.xml ....).

Could anyone share your experience of how to implement your webapp security ?

Or, is it possible to INTEGRATE both both of them (The one I use and one described in HFB) ?
 
Sasparilla and fresh horses for all my men! You will see to it, won't you tiny ad?
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic