File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Programmatic Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of The Mikado Method this week in the Agile and other Processes forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Reply Bookmark "Programmatic Authentication " Watch "Programmatic Authentication " New topic
Author

Programmatic Authentication

Parth Twari
Ranch Hand

Joined: Jan 20, 2010
Posts: 163
posted private message
0
Quote
Is there any kind of programatic authentication? I had read about programmatic authorization .But as far as i know about authentication you have to use the DD's element <login-config> .


But HF page 846 , Q. 37 says

It is not necessary to use DD of the application in order to verfiy that users are who they say they are. Use programmatic authentication instead.

What is right ?

Parth Tiwari
| Pursuing Bachelor of Engineering | OSUM Club Leader | SCJP 6 | SCWCD 5 |...
Frits Walraven
Rancher

Joined: Apr 07, 2010
Posts: 1042

I like...
Android Chrome Eclipse IDE
posted private message
0
Quote
What is right ?


You can implement authentication yourself. Basically it is about checking username and password against a list of users that are allowed to use your web-app.

HTTP provides you a couple of solutions so why not make use of those, but programmatically everything is possible of course

Regards,
Frits
Parth Twari
Ranch Hand

Joined: Jan 20, 2010
Posts: 163
posted private message
0
Quote
ok.. so DD is not absolutely neccesary to carry out authentication in a webapp.

thanks
Azhakesan Thangamuthu
Greenhorn

Joined: Jul 14, 2008
Posts: 12
posted private message
0
Quote
Using DD for authentication is one of the solution and not the only solution...
You can manage your list of user names / passwords in any secure way be it a database or LDAP ...

~ Alagesh (SCWCD - 91 %)
"Education's purpose is to replace an empty mind with an open one"
Lester Burnham
Rancher

Joined: Oct 14, 2008
Posts: 1337
posted
0
Quote
Besides reimplementing form-based authentication, you can also re-implement basic authentication. It's just a matter of checking for appropriate HTTP "Authorization" headers, and returning 401 status responses if they're missing.
Liviu Carausu
Ranch Hand

Joined: Oct 07, 2004
Posts: 154
posted private message
0
Quote
Parth Twari wrote:Is there any kind of programatic authentication? I had read about programmatic authorization .But as far as i know about authentication you have to use the DD's element <login-config> .

But HF page 846 , Q. 37 says

It is not necessary to use DD of the application in order to verfiy that users are who they say they are. Use programmatic authentication instead.

What is right ?


Hi Parth,

Regarding the older Servlet Specification, you can use

in order to verify that users are who they say they are.

I think that real programmatic authentication is introduced with Servlet 3.0 spec in HttpServletRequest :

It uses the container login mechanism configured for the ServletContext to authenticate the user making this request.
No additional configuration is necessary to have the login popup window displayed.
Only a .

With Servlet 3.0. there is more there for programmatic authentication :


Greetings,
Liviu


Oracle Certified Master Java SE6 Developer(SCJD),
OCE JEE 6 JSP and Servlets Developer.
Parth Twari
Ranch Hand

Joined: Jan 20, 2010
Posts: 163
posted private message
0
Quote
thanks liviu
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: Programmatic Authentication
 
Similar Threads
Connect to password protected sites
Why JAAS ?
Which authentication method to use ?
how can i read HTML file in java
security: declarative vs. programmatic