views:

82

answers:

2

I found there are 2 types of authentication mechanism in JSF.

  1. JASS
  2. Container managed

(please correct if I am wrong)

I tried searching for a better tutorial that guide to learn any of those method. Unfortunately I was ended up in many of uncompleted lessons. Can any one provide me a solid tutorial or any guide where I can catch the rope.

+1  A: 

Correct name is JAAS (Java Authentication and Authorization Service) not JASS.

Have you been here?

Regards

SourceRebels
Thanks for correcting me. :up:
Muneer
+2  A: 

There are not just 2 types of authentication mechanisms (regardless of JSF). The Oracle (SUN) documentation is actually very good and I would recommend it:

Tutorial

It discusses how to address security requirements in web tier and enterprise tier applications. Namely:

  1. Getting Started Securing Web Applications - discusses and provides examples for adding security to web components such as servlets.
  2. Getting Started Securing Enterprise Applications - discusses adding security to Java EE components such as enterprise beans and application clients.
Ross
Thaaaks for the link Ross. I will check it and come back. Do you know any other Tutorial other than the Documentation?
Muneer
The following link covers form based authentication for a web application that is deployed to Tomcat or GlassFish: http://monstersandwich.blogspot.com/2010/03/shopping-cart-web-application-security.html
Ross
Thanks for the comment Ross. This is a nice tutorial creating a full JSP app. Still, this is not covering the authentication in detail. It has an overall summary with code download only. Any way thanks for the link
Muneer