how to add login feature

I am building a java web app. It will be a blog. I need to add login functionality so that an authorized user can create a blog, and it will prevent an unauthorized user from accessing the blog creation features. How would this be implemented on an Enterprise app? Thanks.

I also don't have the database setup. So, I also need a temporary way to do this. Thanks.

Typically this is done by middleware in the request processing pipeline of your web application framework. Most web application frameworks have already implemented this middleware. For instance, Spring has the Spring Security project which includes in-memory authentication.

What framework are you using to develop your web application?

Stephan van Hulst wrote:Typically this is done by middleware in the request processing pipeline of your web application framework. Most web application frameworks have already implemented this middleware. For instance, Spring has the Spring Security project which includes in-memory authentication.

What framework are you using to develop your web application?

Thanks. I don't think I have a framework equivalent to Spring. This is some of my tech stack:

Wildfly 10
Hibernate 5
Postgres 9
Weld
RESTEasy JaxRS
AngularJS 1
Java 8

Can I add only Spring Security to my project?

I believe Wildfly just uses the standard Java EE security mechanisms. You can read more about those here: https://docs.oracle.com/javaee/7/tutorial/partsecurity.htm

I believe chapter 47 will explain how to add users, groups and roles to your application, and chapter 49 will explain how to authorize certain users, groups or roles to access methods in your application.

You might also want to read these two blog posts:

http://arjan-tijms.omnifaces.org/2012/11/implementing-container-authentication.html
http://arjan-tijms.omnifaces.org/2015/08/activating-jaspic-in-jboss-wildfly.html

Honestly, all of this just enforces my belief that it's much easier to use one web application platform to handle your entire backend, than to stitch all these technologies together.

Hmm, I think that you might actually be able to integrate Spring Security with Wildfly. You should google around for this combination.

Stephan van Hulst wrote:I believe Wildfly just uses the standard Java EE security mechanisms. You can read more about those here: https://docs.oracle.com/javaee/7/tutorial/partsecurity.htm

I believe chapter 47 will explain how to add users, groups and roles to your application, and chapter 49 will explain how to authorize certain users, groups or roles to access methods in your application.

Thanks! I heard of this, but I wasn't sure exactly what it did.

For additional ideas you could also study the source code of a mature Java blog platform such as http://pebble.sourceforge.net/. It supports multiple blogs as well as multiple contributors per blog.

Tim Moores wrote:For additional ideas you could also study the source code of a mature Java blog platform such as http://pebble.sourceforge.net/. It supports multiple blogs as well as multiple contributors per blog.

Thanks! That's super helpful.