Authentication for different user type

 
Ranch Hand
Posts: 41
Hello,

I would like to know how authentication is addressed in the case of an open web application; by open, I mean open to the public, customers plus the employees. The customers can naturally register and automatically get an account to log in.

* I can't imagine doing it using LDAP for all the users! Is it doable?
* Is a JDBCRealm, with a user and role table for all the users, appropriate?
* Another idea I have thought about: with a JAASRealm, we could for example implement a combined use, LDAP for the employees and a database table for the customers (like for the JDBCRealm), applying some condition on the provided username. Isn't this appropriate?

Thanks,
 
Ranch Hand
Posts: 218
Normally LDAP is used for employees and a database is used for customers. Another reason for using LDAP is that companies normally have an LDAP server already set up for employees; by using LDAP, the employees are able to use their existing user IDs/passwords.
I think that it should be possible to configure JAAS to work for JDBC & LDAP realm. I had worked on an application which had a similar requirement. We did not want the employee-facing app to be available on the internet, for which we had deployed it as two different apps, basically two different domains in WebLogic. For the customer-facing domain, authentication was done from the database, and for the employee-facing one it was done from LDAP.
 
Youssef Ben Kaddour El Wazzani
Ranch Hand
Posts: 41
Hi,

Thank you Rishi, this is really more than I was expecting as a response.

To be honest, I had thought about the idea you mentioned, about having two different apps to serve the employees and customers separately, and thus eliminate the authentication confusion, but finally abandoned it when I was imagining the deployment diagram.

Thanks again.
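
One way to implement the "condition over the provided username" idea from the first post with plain JAAS, added here as an example and not code from any poster in this thread. The `@corp.example` suffix, the entry names `Employees` and `Customers`, the LDAP URL and the `CustomerDbLoginModule` class are assumptions made for illustration.

```java
import java.util.Locale;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/*
 * Assumed JAAS login configuration (hypothetical host, DN and customer module):
 *   Employees { com.sun.security.auth.module.LdapLoginModule required
 *                 userProvider="ldap://ldap.corp.example/ou=people,dc=corp,dc=example"
 *                 authIdentity="uid={USERNAME},ou=people,dc=corp,dc=example"; };
 *   Customers { com.example.auth.CustomerDbLoginModule required; };
 */
public final class TwoStoreLogin {
    // Assumption: employees sign in as "uid@corp.example"; any other name is a customer.
    private static final String EMPLOYEE_SUFFIX = "@corp.example";

    static boolean isEmployee(String username) {
        return username.toLowerCase(Locale.ROOT).endsWith(EMPLOYEE_SUFFIX);
    }

    public static Subject login(String username, char[] password) throws LoginException {
        boolean employee = isEmployee(username);
        // The LDAP entry receives the bare uid; the customer entry receives the name as typed.
        String name = employee
                ? username.substring(0, username.length() - EMPLOYEE_SUFFIX.length())
                : username;
        // Reject empty values up front: an LDAP simple bind with an empty password
        // can be treated by the server as an unauthenticated bind.
        if (name.isEmpty() || password == null || password.length == 0) {
            throw new FailedLoginException("empty user name or password");
        }
        CallbackHandler handler = callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) {
                    ((NameCallback) cb).setName(name);
                } else if (cb instanceof PasswordCallback) {
                    ((PasswordCallback) cb).setPassword(password);
                } else {
                    throw new UnsupportedCallbackException(cb);
                }
            }
        };
        // Exactly one store is consulted, so a customer row can never satisfy an employee login.
        LoginContext ctx = new LoginContext(employee ? "Employees" : "Customers", handler);
        ctx.login(); // throws LoginException when the credentials are rejected
        return ctx.getSubject();
    }
}
```

Because customers self-register, the registration form has to refuse names ending in the employee suffix, and roles should be taken only from the store that performed the authentication.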
 