File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Java in General and the fly likes How to implement Authentication/Authorization, Caching, Auditing in a JEE Web Application Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Java in General
Bookmark "How to implement Authentication/Authorization, Caching, Auditing in a JEE Web Application" Watch "How to implement Authentication/Authorization, Caching, Auditing in a JEE Web Application" New topic
Author

How to implement Authentication/Authorization, Caching, Auditing in a JEE Web Application

Keerthi M
Greenhorn

Joined: Sep 10, 2007
Posts: 4

Dear Fellow Ranchers -

I need some Technical help da. We are developing a web application from scratch with below technologies:
Spring 3.x, OpenJPA 2.x, IBM Rational Software Architect, IBM WAS v7.0, JSF 1.x, IBM DB2

Now, in our application we are planning to implement below technical functionalites:
1. Authentication & Authorization
2. Auditing
3. Caching
4. Reporting

Since ours is an web application development from scratch, I need to implement below Services/Components from scratch. Now here are my questions. Keeping in view the technologies I'll be using, Is there any code on Internet that I can look at Or reuse Or a framework that I could use for implementing below Functionalities/Services/Components in our web application instead of building them from scratch.

1. Authentication & Authorization:
Our Authentication-and-Authorization requirements are simple and not that complex. Say 2-3 Roles are there and we want to display/enable/disable some screens(and some fields in the screen) to the User based on his Role?
How does the database model look for implementing Role Based Authorization?

2. Auditing:
Our Auditing requirements are also simple and not that complex. Basically I want to store:
2.1 what has changed
2.2. who has changed
2.3. what are the old values and what are the new values
Coming to events that we want to log are, here are some examples:
a. if Super(one kind of Role) User creates a User or edits an existing User then we want to log-and-store this as an event in Audit tables in the Database.
b. say if an Plan-Admnistrator(one kind of Role) User imports Map(one kind of business functionality in our application) or edits an existing Map etc. then we should log-and-store this as an event in Audit tables in the Database
etc.
So how to build such Service/Component? How does the database model look like for implementing Auditing Service/Component?

3. Caching:
Even though business functionality wise ours is not a complex application but data wise it is complex.
We'll dealing with lot of data and that means at a single point of time we'll working(adding, updating, deleting using UI) with min. 50,000+ records in the database. For example, 20-30 users simultaneously will be using our web based application and its UI for inserting 100,000 records into the database, editing 100,000 records in the database, querying the 400,000 records in the database tables etc. These are just few of our application requirements to demonstrate the volume of data will be dealing at a single point of time.
So to improve application request/response times and performance we'll be using Caching at the Persistence Layer and leveraging OpenJPA's caching support at the Persistence Layer. We might also need to explore using EhCache with OpenJPA.
However what about caching at UI Layer? or Business Layer? Keeping in view the technologies I'll be using, Is there any code on Internet that I can look at Or reuse Or a framework that I use for implementing Caching at UI Layer and Business Layer instead of building it from scratch?
How does the database model look like for implementing Caching Service/Component?

4. Reporting:
Based on the Auditing data stored in the database and Auditing Service/Component I implement, I need to also build Reporting Service/Component so that we can have a light-to-intermediate Reporting functionality implemented in our application and provide UI for such Reporting functionality.
How does the database model look like for implementing Reporting Service/Component?

Appreciate your timely replies.

- Keerthi.
Keerthi M
Greenhorn

Joined: Sep 10, 2007
Posts: 4
Appreciate time and reply from Fellow Ranchers ...
Campbell Ritchie
Sheriff

Joined: Oct 13, 2005
Posts: 39103
    
  23
Keerthi M wrote:Appreciate time and reply from Fellow Ranchers ...
Please have a look at some of our FAQs, particularly this one. Most users of this website will be reluctant to provide such a large project; we prefer to see what people have already tried, and help them with particular problems.
 
GeeCON Prague 2014
 
subject: How to implement Authentication/Authorization, Caching, Auditing in a JEE Web Application