Hello Everybody,
I want to implement role based access for my web application and I want to know a good way of doing it. For eg. I know one way -- in the jsp, i check roles with scriplet and run the block of code if it has the required roles. I want to know better ways of doing it. Please help me out.
Regards,
Deeps
deeps sinha
Greenhorn
Joined: Apr 20, 2012
Posts: 26
posted
0
hi,
I have another doubt. I have been asked to use Jaas for Ldap authentication and authorisation. I mean if these two are different Realms right ? Please help....
Regards,
Deeps
Tim Moores
Rancher
Joined: Sep 21, 2011
Posts: 2407
posted
0
If I were to implement security for a new project, I'd use Apache Shiro. It goes way beyond what the servlet security implemented by the servlet container provides, and -amongst many things- has a tag library you can use in your JSPs instead of scriptlets.
deeps sinha
Greenhorn
Joined: Apr 20, 2012
Posts: 26
posted
0
Thanks Tim, this is a good framework. Is there a detailed documentation or BOOK on Shiro. Also would like to know the disadvantages of shiro. I could not find any on the web.
Regards,
Deeps
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to
run our stuff on 16 servers instead of 3.
0
