File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes JSF and the fly likes Securing a Java EE6 application with JPA Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSF
Bookmark "Securing a Java EE6 application with JPA" Watch "Securing a Java EE6 application with JPA" New topic

Securing a Java EE6 application with JPA

Lee Hend

Joined: Jul 08, 2010
Posts: 1
Netbeans6.8, JSF2, Glassfish v3.

Hi there

I was hoping someone could help me with a problem I am having configuring security for my web application. I am a newbie still. So far I have created the form, a managed beans for behind the form and a entity bean that maps name and password to my database.

I am currently trying to configure a stateless session bean using Java Persistence A to access the database and implement the logic. In this stateless session bean I would like to use entity manager to query, login and logout the user.

I would like to use something like the following query;

I Have attached all code in an attachment, please have a look

I have setup a JDBC realm on Glassfish as well as the relevant connection pool, etc.

Any help or advise would be greatly appreciated.
Kind regards
Kamal Wickramanayake

Joined: Jul 10, 2010
Posts: 27
May I suggest an alternative approach? Go about using Spring Security. You will surely love it once you understand how simple and how powerful it is.

Here's a good guide that I wrote recently:
Using Spring Security in your Java web application

In case you want to know more about JPA and Spring:
Spring JPA web applications (JTA transactions, JBoss 5)

About JSF and JPA:
Best way to use JPA in web-tier
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
Before you go about introducing wholly new frameworks just for implementing security, tell us what problems you have implementing what you described (which sounds fine so far).
As you found out, you can't attach code or archives; you'll need to describe where you're stuck making progress.
I agree. Here's the link:
subject: Securing a Java EE6 application with JPA
It's not a secret anymore!