File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Programmatic Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Programmatic Authentication " Watch "Programmatic Authentication " New topic
Author

Programmatic Authentication

Parth Twari
Ranch Hand

Joined: Jan 20, 2010
Posts: 163
Is there any kind of programatic authentication? I had read about programmatic authorization .But as far as i know about authentication you have to use the DD's element <login-config> .


But HF page 846 , Q. 37 says

It is not necessary to use DD of the application in order to verfiy that users are who they say they are. Use programmatic authentication instead.

What is right ?


Parth Tiwari
| Pursuing Bachelor of Engineering | OSUM Club Leader | SCJP 6 | SCWCD 5 |...
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1672
    
  25

What is right ?


You can implement authentication yourself. Basically it is about checking username and password against a list of users that are allowed to use your web-app.

HTTP provides you a couple of solutions so why not make use of those, but programmatically everything is possible of course

Regards,
Frits
Parth Twari
Ranch Hand

Joined: Jan 20, 2010
Posts: 163
ok.. so DD is not absolutely neccesary to carry out authentication in a webapp.

thanks
Azhakesan Thangamuthu
Greenhorn

Joined: Jul 14, 2008
Posts: 12

Using DD for authentication is one of the solution and not the only solution...
You can manage your list of user names / passwords in any secure way be it a database or LDAP ...


~ Alagesh (SCWCD ,OCDJWS )
"Education's purpose is to replace an empty mind with an open one"
Lester Burnham
Rancher

Joined: Oct 14, 2008
Posts: 1337
Besides reimplementing form-based authentication, you can also re-implement basic authentication. It's just a matter of checking for appropriate HTTP "Authorization" headers, and returning 401 status responses if they're missing.
Liviu Carausu
Ranch Hand

Joined: Oct 07, 2004
Posts: 158
Parth Twari wrote:Is there any kind of programatic authentication? I had read about programmatic authorization .But as far as i know about authentication you have to use the DD's element <login-config> .

But HF page 846 , Q. 37 says

It is not necessary to use DD of the application in order to verfiy that users are who they say they are. Use programmatic authentication instead.

What is right ?


Hi Parth,

Regarding the older Servlet Specification, you can use

in order to verify that users are who they say they are.

I think that real programmatic authentication is introduced with Servlet 3.0 spec in HttpServletRequest :

It uses the container login mechanism configured for the ServletContext to authenticate the user making this request.
No additional configuration is necessary to have the login popup window displayed.
Only a .

With Servlet 3.0. there is more there for programmatic authentication :


Greetings,
Liviu



Oracle Certified Master Java SE6 Developer(SCJD),
OCE JEE 6 JSP and Servlets Developer.
Parth Twari
Ranch Hand

Joined: Jan 20, 2010
Posts: 163
thanks liviu
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Programmatic Authentication