The moose likes Servlets and the fly likes Form -based authentication Question Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Form -based authentication Question" Watch "Form -based authentication Question" New topic

Form -based authentication Question

Karthik Guru
Ranch Hand

Joined: Mar 06, 2001
Posts: 1209
I have an application that employs Form based authentication.
Once authenticated, it passes on the role / user information to the EJB container as well. Our EJBs use declarative decurity mechanism specified in the descriptor ejb-jar.xml file. Right now the web container is handling the responsiblity of passing on the context to the EJB Container.
If i have to employ a different authenticating mechanism and I DONT want to change my EJB code that checks for the user/role information, how do i go about doing it?
Form Authentication must be authenticating the user against supplied user id/ password , looking for the role the user is mapped to and must be placing an object in session that in turn is used while calling the EJBs?.
How do i do the same thing using a different authentication mechanism so that i dont have to change any code in the EJBs?
Sri Basavanahally
Ranch Hand

Joined: Oct 07, 2003
Posts: 75
Hi Karthik,
Can you be a bit more specific please ? What other mechanisms are you referring to - Using something like HTTPS for transmitting id/password ? or something like this ?

It is sorta covered in the JavaRanch Style Guide.
subject: Form -based authentication Question
It's not a secret anymore!