Java EE 7 Form based authentication


I'm working on a web application based on Java EE 7, PostgreSQL, and the application server GlassFish 4. I need to implement form based authentication and secure URLs, knowing that:

  • The users and roles/groups (whatever they are called) are stored in the database.
  • I wanted the application to be as "standard" as possible (i.e. using JSF and JPA, and no other framework like Spring, Struts ...)

After some research, I found that Java EE provided a standard authentication mechanism called JASPIC. So I focused my research on JASPIC and read multiple Stack Overflow Q/A and articles written by Arjan Tijms (it's impossible to find a Stack Overflow Q/A related to Java EE without one of his answers or comments, thanks to him by the way):

My question: does JASPIC allow me to do what I need (form authentication + URL restriction with roles), and is it worth the effort to use it? I mean: it's perhaps safer and easier to use another mechanism.

Arjan Tijms says that whether or not to use JASPIC is "a kind of chicken-and-egg problem", and if JASPIC is safe to use (it doesn't create more problems than it solves), no matter the amount of code I need to write, I want to be "one of the first chickens".

I'm using JASPIC for authentication, but JASPIC has one limitation you need to contend with (if you want things to be standard). You're limited to having no dependencies outside of the Java EE 7 API. That means access to JDBC resources that require a driver is not a capability explicitly stated in the standards.

In my OpenID Connect implementation I used Google as the secure store, which presents me with the Google login form. It is a larger example of using JASPIC though.

For yourself, you can expose an EJB in the global namespace and use InitialContext to get the EJB. There'd be some code duplication in that you have to copy the EJB remote interface code in two places and ensure the serialVersionUIDs are the same on both. The EJB can then be used to connect to JPA resources to get the authorization data.

I use EJBs because the other two options I may think of are REST and SOAP, which are exposed on web ports and require configuration to prevent unauthorized access, or require being placed on a different system.

A simple JASPIC implementation I created, in case you want to learn, is an HTTP header JASPIC module intended for integration with more complex systems such as SiteMinder.
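The EJB-over-InitialContext approach described in the answer above could look like the following. This is an added example, not code from the question or the answer. The package, class, interface and JNDI names are hypothetical, and the `j_username`/`j_password` parameter names are borrowed from the servlet FORM convention. It depends only on the Java EE 7 API and uses the JASPIC 1.1 `registerSession` key so the container remembers the login.

```java
package example.auth; // hypothetical package name

import java.security.Principal;
import java.util.Map;
import javax.naming.InitialContext;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.message.*;
import javax.security.auth.message.callback.*;
import javax.security.auth.message.module.ServerAuthModule;
import javax.servlet.http.*;

// Hypothetical remote interface (its own public file in a real build); an identical
// copy lives in the EJB application. groupsFor returns null when credentials are rejected.
interface UserDirectoryRemote { String[] groupsFor(String user, String password); }

public class EjbBackedAuthModule implements ServerAuthModule {
    // Assumed portable JNDI name; application, module and bean names are placeholders.
    static final String JNDI = "java:global/auth-app/auth-ejb/UserDirectoryBean!example.auth.UserDirectoryRemote";
    private CallbackHandler handler;

    public void initialize(MessagePolicy rq, MessagePolicy rs, CallbackHandler h, Map opts) { handler = h; }
    public Class[] getSupportedMessageTypes() { return new Class[] { HttpServletRequest.class, HttpServletResponse.class }; }
    public AuthStatus validateRequest(MessageInfo info, Subject client, Subject service) throws AuthException {
        HttpServletRequest request = (HttpServletRequest) info.getRequestMessage();
        String user = request.getParameter("j_username"), pass = request.getParameter("j_password");
        try {
            // Accept credentials only from a POST body so they never sit in a logged query string.
            if ("POST".equals(request.getMethod()) && user != null && pass != null) {
                UserDirectoryRemote dir = (UserDirectoryRemote) new InitialContext().lookup(JNDI);
                String[] groups = dir.groupsFor(user, pass); // the EJB reads users/roles through JPA
                if (groups != null) {
                    // JASPIC 1.1 (Java EE 7): ask the container to remember this login in the session.
                    info.getMap().put("javax.servlet.http.registerSession", "true");
                    handler.handle(new Callback[] {
                        new CallerPrincipalCallback(client, user), new GroupPrincipalCallback(client, groups) });
                    return AuthStatus.SUCCESS;
                }
            }
            Principal known = request.getUserPrincipal(); // non-null once the session is registered
            Object mandatory = info.getMap().get("javax.security.auth.message.MessagePolicy.isMandatory");
            if (known == null && "true".equals(String.valueOf(mandatory))) { // protected URL, no login
                ((HttpServletResponse) info.getResponseMessage()).sendError(HttpServletResponse.SC_UNAUTHORIZED);
                return AuthStatus.SEND_FAILURE;
            }
            handler.handle(new Callback[] { new CallerPrincipalCallback(client, known) }); // null = anonymous
            return AuthStatus.SUCCESS;
        } catch (Exception e) { // fail closed on lookup, remote-call or I/O errors
            throw (AuthException) new AuthException("authentication failed").initCause(e);
        }
    }
    public AuthStatus secureResponse(MessageInfo info, Subject service) { return AuthStatus.SEND_SUCCESS; }
    public void cleanSubject(MessageInfo info, Subject subject) { subject.getPrincipals().clear(); }
}
```

URL restriction by role stays in `web.xml` security constraints; the group names returned by the EJB are what those constraints are matched against.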

