Win a copy of Cross-Platform Desktop Applications: Using Node, Electron, and NW.js this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

How to authenticate users with a web app ?  RSS feed

 
Dave Van Even
Ranch Hand
Posts: 101
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi,
Considdering a web application (build on struts) that needs to authenticate users and check wether they have the right authorization for some actions. I'm using EJB.
I don't see how it's best to login/dealwith users.

Should I leave authentication and authorization to the container with JAAS ? Struts 1.1 has an excelent exception handling mechanism so thrown java.lang.SecurityException's by the EJB container can declaritevely be intercepted with the struts-config.xml file. It's quite easy to redirect to an 'error' page when this happens.
THANK YOU Rick Hightower for your tutorial (Introducing EJB-CMP/CMR) !! I've truely learned alot from it! But how to 'mix' what you explain in the tutorial (the example) with a real-life application with JAAS ? Or am I the one mixing things up ??
 
Anonymous
Ranch Hand
Posts: 18944
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
On your side i would use JAAS to handle authentication. Most app servers handle this perfectly. But you have to be carefully, some application server like WAS3.5 need LDAP for this.
But you still have to configure your web.xml to provide full access security to your web layer.
And your ejb-jar.xml for you ejb layer to secure your bean methods
 
Arijit Ghosh
Ranch Hand
Posts: 174
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Dave,
Can you send me the link for the tutorial that Rick sent you ?
Thanks.
 
Dave Van Even
Ranch Hand
Posts: 101
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!