• Post Reply Bookmark Topic Watch Topic
  • New Topic

About the Java EE 7 Tutorial volumes  RSS feed

 
Vasilis Souvatzis
Ranch Hand
Posts: 81
1
Chrome Java Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I really don't have a question for the authors, I just want to thank you so much for the remarkable content! The Java EE 7 Tutorial is an invaluable resource to me, I'm writing my Java EE 7 thesis and the tutorial pdf is always open in my second screen But obviously a physical book is better.

At first look it may seem chaotic and massive, but I find the flow is rather easy to follow. Must-have resource!
 
William Markito Oliveira
Author
Greenhorn
Posts: 9
5
Java Linux Python
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you for your comment and let us know if you need any help or have questions through your thesis!

Cheers
 
Vasilis Souvatzis
Ranch Hand
Posts: 81
1
Chrome Java Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I do indeed have a couple of questions, well only the one is actually a question, the second is just a where-in-the-tutorial kind of thing.

1. Is it really necessary for me to setup a JDBC Realm to authenticate users against a DB? Couldn't I just query the DB with the input credentials and see if there's the given user? If yes I could direct him to the content, if no they would be directed to register.

2. Although I have a working login user solution with a JDBC Realm, Form auth-method and the j_security_check mechanism, I want to convert it to use my own JSF form, backing beans and JPA calls. Could you advise me into which specific parts of the Security section of the Tutorial should I study?
 
William Markito Oliveira
Author
Greenhorn
Posts: 9
5
Java Linux Python
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, let me try to address both questions with a few thoughts you might consider:

The Realm concept that most application servers (Glassfish, WebLogic, JBoss, WebSphere....) implements are backed by the security specification of Java EE, which "defines" the minimal requirements and unfortunately most of them has it's own proprietary implementation, but at least following the spec guidance (Deployment descriptors, user/group, authentication and authorization concepts, etc...)

It's possible to implement custom authentication mechanics as some people do with Servlet filters, for example. On every request the filter check some session information against a DB and etc, but I still prefer the Realms concept since most containers offers more fine grained control for authorization/authentication.

On the tutorial we setup a JDBC Realm to be used on the Duke's Forest case study using JSF, which you can check as an example.
http://docs.oracle.com/javaee/7/tutorial/doc/security-advanced003.htm#BABEJJDE

Hope that helps.
 
Vasilis Souvatzis
Ranch Hand
Posts: 81
1
Chrome Java Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It does help yes, thank you very much And your link reminded me that I'm still on the previous version of the Tutorial and need to d/l the new one.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!