• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Liutauras Vilda
  • Junilu Lacar
Sheriffs:
  • Tim Cooke
  • Jeanne Boyarsky
  • Knute Snortum
Saloon Keepers:
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
  • Piet Souris
Bartenders:
  • salvin francis
  • fred rosenberger
  • Frits Walraven

Programmatic Authentication

 
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is there any kind of programatic authentication? I had read about programmatic authorization .But as far as i know about authentication you have to use the DD's element <login-config> .


But HF page 846 , Q. 37 says

It is not necessary to use DD of the application in order to verfiy that users are who they say they are. Use programmatic authentication instead.

What is right ?
 
Creator of Enthuware JWS+ V6
Posts: 3326
298
Android Eclipse IDE Chrome
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

What is right ?



You can implement authentication yourself. Basically it is about checking username and password against a list of users that are allowed to use your web-app.

HTTP provides you a couple of solutions so why not make use of those, but programmatically everything is possible of course

Regards,
Frits
 
Parth Twari
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
ok.. so DD is not absolutely neccesary to carry out authentication in a webapp.

thanks
 
Greenhorn
Posts: 12
jQuery Oracle Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Using DD for authentication is one of the solution and not the only solution...
You can manage your list of user names / passwords in any secure way be it a database or LDAP ...
 
Rancher
Posts: 1337
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Besides reimplementing form-based authentication, you can also re-implement basic authentication. It's just a matter of checking for appropriate HTTP "Authorization" headers, and returning 401 status responses if they're missing.
 
Ranch Hand
Posts: 160
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Parth Twari wrote:Is there any kind of programatic authentication? I had read about programmatic authorization .But as far as i know about authentication you have to use the DD's element <login-config> .

But HF page 846 , Q. 37 says

It is not necessary to use DD of the application in order to verfiy that users are who they say they are. Use programmatic authentication instead.

What is right ?



Hi Parth,

Regarding the older Servlet Specification, you can use

in order to verify that users are who they say they are.

I think that real programmatic authentication is introduced with Servlet 3.0 spec in HttpServletRequest :

It uses the container login mechanism configured for the ServletContext to authenticate the user making this request.
No additional configuration is necessary to have the login popup window displayed.
Only a .

With Servlet 3.0. there is more there for programmatic authentication :


Greetings,
Liviu

 
Parth Twari
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thanks liviu
 
Thank you my well lotioned goddess! Here, have my favorite tiny ad!
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
    Bookmark Topic Watch Topic
  • New Topic