Win a copy of Java EE 8 High Performance this week in the Java/Jakarta EE forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

custom authentication, container model  RSS feed

Posts: 15
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm building a webapp that needs to be authenticated from an existing user database, and I'm trying to decide whether to implement this authentication as part of the webapp itself or as an extension to the web container. I'm wondering if there are any design patterns that might be relevant, or if anyone has any experiences, wisdom, warnings, or opinions on the matter.
The considerations/doubts I have so far are:
- portability/reusability scenarios, eg. moving the webapp to a different container, using the same authentication in a new webapp.
- if some of the information about the user is relevant and meaningful only within the application, is it an argument for making the authentication part of the application, or is it an argument for separating application-related user info from authentication-related user info?
- To what extent is it consistent with J2EE's container model and J2EE's view of separation of roles for an application to do its own authentication?
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!