File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Architect Certification (SCEA/OCMJEA) and the fly likes Log in and have profile  ??? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Architect Certification (SCEA/OCMJEA)
Bookmark "Log in and have profile  ???" Watch "Log in and have profile  ???" New topic

Log in and have profile ???

Alberto Castello Branco

Joined: Apr 27, 2007
Posts: 10

My exam has two kinds of client.

I need to verify if user is log in and has profile.

I want to put only one point of verification.

How Do I doing this ?

I have thought to verify this within SFSB and I would to use JAAS to do this.

Deepak Bala

Joined: Feb 24, 2006
Posts: 6662

You can make some assumptions about this. Firstly what type of security is your application and web interface providing ? LDAP ? credentials in database tables ?

The answer to your question depends on the type of security. Some containers use JAAS internally and only require that you use JAAS when operating on a fat application client. Can you elaborate more on your security ?
[ May 29, 2007: Message edited by: John Meyers ]

SCJP 6 articles - SCJP 5/6 mock exams - More SCJP Mocks
Francesco Bianchi

Joined: May 06, 2007
Posts: 5
Hi Alberto,

I think your attitude is very promising. I am working in the same direction.
Probably the best solution would be to keep users and credentials in the database.
The question is how is it possible to build a JAAS LoginModule?
In my opinion the LoginModule must
-look up in the database
-AND create kind of SFSB for the session state management.

Is it feasible / practicable? Who has an example of such a LoginModule?

The other possibility could be an Intercepting Filter like in Petstore. The main drawback of this solution is that it is not possible to use this functionality for a Java client. It works only for a Web client.

Any comments are highly appreciated.
Francesco Bianchi
I agree. Here's the link:
subject: Log in and have profile ???
It's not a secret anymore!