This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Servlets and the fly likes Form -based authentication Question Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Form -based authentication Question" Watch "Form -based authentication Question" New topic
Author

Form -based authentication Question

Karthik Guru
Ranch Hand

Joined: Mar 06, 2001
Posts: 1209
I have an application that employs Form based authentication.
Once authenticated, it passes on the role / user information to the EJB container as well. Our EJBs use declarative decurity mechanism specified in the descriptor ejb-jar.xml file. Right now the web container is handling the responsiblity of passing on the context to the EJB Container.
If i have to employ a different authenticating mechanism and I DONT want to change my EJB code that checks for the user/role information, how do i go about doing it?
Form Authentication must be authenticating the user against supplied user id/ password , looking for the role the user is mapped to and must be placing an object in session that in turn is used while calling the EJBs?.
How do i do the same thing using a different authentication mechanism so that i dont have to change any code in the EJBs?
thanks.
Sri Basavanahally
Ranch Hand

Joined: Oct 07, 2003
Posts: 75
Hi Karthik,
Can you be a bit more specific please ? What other mechanisms are you referring to - Using something like HTTPS for transmitting id/password ? or something like this ?
-Sri


UP THE IRONS !
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Form -based authentication Question
 
Similar Threads
My SCEA Part 1Study Notes
How to set a user's role
J2EE Authentication
User log-in process
Problemo with Form-based authentication in Websphere