English 中文(简体)
Programmatic authentication in Java EE 6
原标题:

is it possible to authenticate programmatically a user in Java EE 6?

Let me explain with some more details:

I ve got an existing Java SE project with Servlets and hibernate; where I manage manually all the authentication and access control:

class Authenticator {
    int Id
    string username
}

Authenticator login(string username, string password) ;

void doListData(Authenticator auth) {
    if (isLoggedIn(auth)) listData();
    else doListError
}

void doUpdateData (Authenticator auth) {
    if (isLoggedAsAdmin(auth)) updateData() ;
    else doListError();
}

void doListError () {
    listError() ;
}

And Im integrating J2ee/jpa/servlet 3/... (Glassfish 3) in this project.

I ve seen anotations like :

@RolesAllowed ("viewer")
void doListdata (...) {
    istData() ;
}

@RolesAllowed("admin")
void doUpdateData (...) {
    updateData() ;
}

@PermotAll
void dolisterror () {
    listerror() ;
}

but how can I manually state, in login(), that my user is in the admin and/or viewer role?

最佳回答

Hi this is covered pretty well in the sun java ee 6 tutorial.

时间:2010-05-14 09:35:28
问题回答

First make sure you are using Servlet 3.0/3.1. Servlet 2.4 does not have the login method

    @WebServlet(name="LoginServlet", urlPatterns={"/LoginServlet"})
    public class TutorialServlet extends HttpServlet {
      protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        String user = request.getParameter("user");
        String password = request.getParameter("password");
        //TODO check is user and password not null

        try (PrintWriter out = response.getWriter();){
           request.login(user, password);
           //perhaps redirect to another page on success
        } catch (ServletException e) {
            //perhaps redirect to another page to login failure
            throw new ServletException(e);
        } 
      }
    }
时间:2013-06-30 10:48:56

Thank you for your ansers, I took a while to understand it, but you re both right, 

login(java.lang.String user, java.lang.String password)

is what I want to do. Instead of login in my users, I need to login a specific role:

login("admin", "admin") ;
...

:)

时间:2010-05-14 10:09:02


上一篇:
下一篇:


相关问题
Spring Properties File

Hi have this j2ee web application developed using spring framework. I have a problem with rendering mnessages in nihongo characters from the properties file. I tried converting the file to ascii using ...

时间:2009-11-13 05:05:41 回答:3 展示:1
Logging a global ID in multiple components

I have a system which contains multiple applications connected together using JMS and Spring Integration. Messages get sent along a chain of applications. [App A] -> [App B] -> [App C] We set a ...

时间:2009-11-09 14:50:12 回答:4 展示:1
Java Library Size

If I m given two Java Libraries in Jar format, 1 having no bells and whistles, and the other having lots of them that will mostly go unused.... my question is: How will the larger, mostly unused ...

时间:2009-11-09 14:44:57 回答:2 展示:1
How to get the Array Class for a given Class in Java?

I have a Class variable that holds a certain type and I need to get a variable that holds the corresponding array class. The best I could come up with is this: Class arrayOfFooClass = java.lang....

时间:2009-11-05 09:41:59 回答:5 展示:1
SQLite , Derby vs file system

I m working on a Java desktop application that reads and writes from/to different files. I think a better solution would be to replace the file system by a SQLite database. How hard is it to migrate ...

时间:2009-11-05 09:26:46 回答:3 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全