Win a copy of Java Challengers this week in the Java in General forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • paul wheaton
  • Devaka Cooray
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Liutauras Vilda
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Piet Souris
Bartenders:
  • salvin francis
  • Mikalai Zaikin
  • Himai Minh

Authentication for different user type

 
Ranch Hand
Posts: 41
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

I would like to know how does the authentication will be addressed in the case of an open web application, by open, i mean open to the public, customers plus the employees. The customers can naturally register and automatically get an account to login in.

* I can't imagine doing it using LDAP for all the users ! Is it doable ?
* Is a JDBCrealm, with a user and role table for all the users appropriate ?
* Another idea i have think about, with a JAASRealm, we could for example implement a combination use, LDAP for the employee and database table for the customer(Like for the JDBCrealm), doing some condition over the provided username, isn't this approriate ?

Thanks,
 
Ranch Hand
Posts: 218
Hibernate Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Normally LDAP is used for employees & database is used for customers. Another reason for using LDAP is that normally companies have a LDAP sever already set up for employees, by using LDAP the employees are able to use existing user id/passwords.
I think that it should be possible to configure JAAS to work for JDBC & LDAP realm. I had worked on a application which had a similar requirement. We did not want the employee facing app to be availaible on internet, for which we had deployed it as two different apps, basically two different domains in weblogic. For the customer facing domain authentication was done from database & for employee facing auth it was done from LDAP.
 
Youssef Ben Kaddour El Wazzani
Ranch Hand
Posts: 41
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

Thank you Rishi, this is really more than i was expecting as a response .

To be honest, i had though about the idea you have mentioned, about having two different apps to serve separatly the employees and customers, and thus eliminate the authentication confusion, but finally abandoned it when i was imagining the deployment diagram .

Thanks again.
 
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic