• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Programmatic Authentication

 
Parth Twari
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is there any kind of programatic authentication? I had read about programmatic authorization .But as far as i know about authentication you have to use the DD's element <login-config> .


But HF page 846 , Q. 37 says

It is not necessary to use DD of the application in order to verfiy that users are who they say they are. Use programmatic authentication instead.

What is right ?
 
Frits Walraven
Creator of Enthuware JWS+ V6
Saloon Keeper
Pie
Posts: 2410
95
Android Chrome Eclipse IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What is right ?


You can implement authentication yourself. Basically it is about checking username and password against a list of users that are allowed to use your web-app.

HTTP provides you a couple of solutions so why not make use of those, but programmatically everything is possible of course

Regards,
Frits
 
Parth Twari
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
ok.. so DD is not absolutely neccesary to carry out authentication in a webapp.

thanks
 
Azhakesan Thangamuthu
Greenhorn
Posts: 12
Android Hibernate Oracle
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Using DD for authentication is one of the solution and not the only solution...
You can manage your list of user names / passwords in any secure way be it a database or LDAP ...
 
Lester Burnham
Rancher
Posts: 1337
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Besides reimplementing form-based authentication, you can also re-implement basic authentication. It's just a matter of checking for appropriate HTTP "Authorization" headers, and returning 401 status responses if they're missing.
 
Liviu Carausu
Ranch Hand
Posts: 160
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Parth Twari wrote:Is there any kind of programatic authentication? I had read about programmatic authorization .But as far as i know about authentication you have to use the DD's element <login-config> .

But HF page 846 , Q. 37 says

It is not necessary to use DD of the application in order to verfiy that users are who they say they are. Use programmatic authentication instead.

What is right ?


Hi Parth,

Regarding the older Servlet Specification, you can use

in order to verify that users are who they say they are.

I think that real programmatic authentication is introduced with Servlet 3.0 spec in HttpServletRequest :

It uses the container login mechanism configured for the ServletContext to authenticate the user making this request.
No additional configuration is necessary to have the login popup window displayed.
Only a .

With Servlet 3.0. there is more there for programmatic authentication :


Greetings,
Liviu

 
Parth Twari
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thanks liviu
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic