Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Log in and have profile ???

 
Alberto Castello Branco
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Guys,

My exam has two kinds of client.

I need to verify if user is log in and has profile.

I want to put only one point of verification.

How Do I doing this ?

I have thought to verify this within SFSB and I would to use JAAS to do this.

Regards
 
Deepak Bala
Bartender
Posts: 6663
5
Firefox Browser Linux MyEclipse IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can make some assumptions about this. Firstly what type of security is your application and web interface providing ? LDAP ? credentials in database tables ?

The answer to your question depends on the type of security. Some containers use JAAS internally and only require that you use JAAS when operating on a fat application client. Can you elaborate more on your security ?
[ May 29, 2007: Message edited by: John Meyers ]
 
Francesco Bianchi
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Alberto,

I think your attitude is very promising. I am working in the same direction.
Probably the best solution would be to keep users and credentials in the database.
The question is how is it possible to build a JAAS LoginModule?
In my opinion the LoginModule must
-look up in the database
-AND create kind of SFSB for the session state management.

Is it feasible / practicable? Who has an example of such a LoginModule?

The other possibility could be an Intercepting Filter like in Petstore. The main drawback of this solution is that it is not possible to use this functionality for a Java client. It works only for a Web client.

Any comments are highly appreciated.
Francesco Bianchi
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic