• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Inplementing Basic security

 
deeps sinha
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Everybody,
I want to implement role based access for my web application and I want to know a good way of doing it. For eg. I know one way -- in the jsp, i check roles with scriplet and run the block of code if it has the required roles. I want to know better ways of doing it. Please help me out.

Regards,
Deeps
 
deeps sinha
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi,
I have another doubt. I have been asked to use Jaas for Ldap authentication and authorisation. I mean if these two are different Realms right ? Please help....

Regards,
Deeps
 
Tim Moores
Bartender
Posts: 2756
38
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If I were to implement security for a new project, I'd use Apache Shiro. It goes way beyond what the servlet security implemented by the servlet container provides, and -amongst many things- has a tag library you can use in your JSPs instead of scriptlets.
 
deeps sinha
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Tim, this is a good framework. Is there a detailed documentation or BOOK on Shiro. Also would like to know the disadvantages of shiro. I could not find any on the web.

Regards,
Deeps
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic