Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

User roles?  RSS feed

 
Janis Olex
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi! How user roles are implemented in servlets?
The task is to not have this standartd security context configuration, but some "manual" logging and still have user roles asociated with user who logs in! How to do this? Users are read from database, logging is totally manual, resource protection is manual, but I want associate roles with the user in such a way that method isUserInRole() still works!
 
Mike Curwen
Ranch Hand
Posts: 3695
IntelliJ IDE Java Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm fairly certain that those security-related methods for Principals will only work if you are using CMA (Container Managed Authentication).

If you're doing *everything* manually anyways, how about rolling your own 'isUserInRole()' method?

Create a 'User' object with this method. When the browser goes to a login page, you can read in all their details (their permissions and roles) from your tables and place them into this object. Then stick the object into their session.

On any page you want, you just say :
Of course that's pretty ugly, and you can probably hide most of that by using bean tags. But you get the idea.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!