
Authentication for different user type

 
Youssef Ben Kaddour El Wazzani
Ranch Hand
Posts: 41
Hello,

I would like to know how authentication would be addressed in the case of an open web application; by open, I mean open to the public, customers plus the employees. The customers can naturally register and automatically get an account to log in.

* I can't imagine doing it using LDAP for all the users! Is it doable?
* Is a JDBCRealm, with a user and role table for all the users, appropriate?
* Another idea I have thought about: with a JAASRealm, we could for example implement a combined use, LDAP for the employees and a database table for the customers (like for the JDBCRealm), applying some condition on the provided username. Isn't this appropriate?

Thanks,
 
Rishi Shehrawat
Ranch Hand
Posts: 218
Normally LDAP is used for employees & a database is used for customers. Another reason for using LDAP is that companies normally have an LDAP server already set up for employees; by using LDAP the employees are able to use their existing user IDs/passwords.
I think that it should be possible to configure JAAS to work for JDBC & LDAP realms. I had worked on an application which had a similar requirement. We did not want the employee-facing app to be available on the internet, so we deployed it as two different apps, basically two different domains in WebLogic. For the customer-facing domain, authentication was done from the database & for the employee-facing one it was done from LDAP.
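
A JAAS login configuration along the lines suggested in the reply above, stacking an LDAP module for employees and a database module for customers. This is an added example, not code from the thread: the application name `PublicApp`, the host, the DNs and the `com.example.auth.CustomerDbLoginModule` class with its `dataSource` option are hypothetical, while `com.sun.security.auth.module.LdapLoginModule` and its options ship with the JDK.

```conf
/* jaas.config (added example, not from the thread).
   Selected with -Djava.security.auth.login.config=/path/to/jaas.config */
PublicApp {
    // Employees: the JDK's LDAP module binds to the directory as the user.
    // Host and DNs are placeholders. useSSL=true keeps the password off
    // the wire in clear text (it is also the module's default).
    com.sun.security.auth.module.LdapLoginModule sufficient
        userProvider="ldap://ldap.example.com:636/ou=people,dc=example,dc=com"
        authIdentity="uid={USERNAME},ou=people,dc=example,dc=com"
        useSSL=true;

    // Customers: hypothetical custom LoginModule that checks a salted
    // password hash in the self-registration user table.
    // Only consulted when the LDAP module above did not succeed.
    com.example.auth.CustomerDbLoginModule sufficient
        dataSource="java:comp/env/jdbc/customers";
};
```

Because both entries are `sufficient`, a login that LDAP rejects falls through to the customer table, so employee roles should be granted only from principals added by the LDAP module. Self-registration should also refuse usernames that already exist in the directory.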
 
Youssef Ben Kaddour El Wazzani
Ranch Hand
Posts: 41
Hi,

Thank you Rishi, this is really more than I was expecting as a response.

To be honest, I had thought about the idea you have mentioned, about having two different apps to serve the employees and customers separately, and thus eliminate the authentication confusion, but finally abandoned it when I was imagining the deployment diagram.

Thanks again.
 