All geek questions in one place

Software Authentication in Java EE 6

Can I authenticate a user programmatically in Java EE 6?

Let me explain a few details:

I have an existing Java SE project with servlets and hibernation; where I manually manage all the authentication and access control tools:

class Authenticator { int Id string username } Authenticator login(string username, string password) ; void doListData(Authenticator auth) { if (isLoggedIn(auth)) listData(); else doListError } void doUpdateData (Authenticator auth) { if (isLoggedAsAdmin(auth)) updateData() ; else doListError(); } void doListError () { listError() ; }

And Im integrating J2ee / jpa / servlet 3 / ... (Glassfish 3) in this project.

I have seen such annotations as:

 @RolesAllowed ("viewer") void doListdata (...) { istData() ; } @RolesAllowed("admin") void doUpdateData (...) { updateData() ; } @PermotAll void dolisterror () { listerror() ; }

but how can I manually specify in login () that my user is in the role of administrator and / or view?

+4
source share
3 answers

Hi, this is well described in the sun java ee 6 tutorial .

0
source

First make sure you are using Servlet 3.0 / 3.1. Servlet 2.4 has no login method

  @WebServlet(name="LoginServlet", urlPatterns={"/LoginServlet"}) public class TutorialServlet extends HttpServlet { protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); String user = request.getParameter("user"); String password = request.getParameter("password"); //TODO check is user and password not null try (PrintWriter out = response.getWriter();){ request.login(user, password); //perhaps redirect to another page on success } catch (ServletException e) { //perhaps redirect to another page to login failure throw new ServletException(e); } } }
+1
source

Thanks for your petitioners, I took some time to figure this out, but you are both right,

 login(java.lang.String user, java.lang.String password)

- this is what I want to do. Instead of logging in with my users, I need to log in to a specific role:

 login("admin", "admin") ; ...

:)

0
source

Source: https://habr.com/ru/post/1309752/

More articles:


All Articles