tags:

views:

44

answers:

2
+3  Q: 

Java EE 6 Security Model: How to add or delete user

I read most of the documentation, I only see the use of @RolesAllowed or @DeclareRoles, how can I add user or delete user. I have a table of users with username and password in my database, how can I make my web app to authenticate those user? How can I map these user (principal) to a particular roles. Samples code would be greatly appreciated. Thank you very much

+1  A: 

JavaEE doesn't define the management of users and roles, only how the application interacts with them.

It is up to the specific server implementations to define that functionality as they see fit.

skaffman  2010-07-21 18:24:12
+3  A: 

A JAAS Login module is required to authenticate the user, establish the principals, that can enable the mapping of users/principals existing in the database to roles defined in the source code.

Assuming that you are using Glassfish v3 for JEE6, you need to create and configure a JDBC realm in Glassfish for this purpose. Be forewarned that the realm configuration might not have a one-to-one mapping with the user table in your database, in which case you either need to modify the table definition, or extend the login module to create your own scheme.

Despite setting up the database realm, you would still need to map the JEE roles defined in your source code, to the actual roles in the realm. That is accomplished using the application server specific deployment descriptors.

Vineet Reynolds  2010-07-21 18:24:58
I know it would be too much to ask for samples code. But do you know any tutorial for this kind of things?
Harry Pham  2010-07-21 18:40:11
Well you're in luck. Have a look at the blog entry titled "Mort learns JDBC Realm authentication": http://blogs.sun.com/foo/entry/mort_learns_jdbc_realm_authenticationIt shows how to configure a JDBC realm based of tables created by the author, and then shows how to use the users and roles in a very simple web application. Notice the mapping between the JEE role and the JDBC role in sun-web.xml
Vineet Reynolds  2010-07-21 18:47:27
Great. Reading it now. I appreciated your help very much. Will let u know if I have any question. Once again. Thanks!
Harry Pham  2010-07-21 18:52:11
I got it working. Thank you very much :D
Harry Pham  2010-07-21 21:01:56
Glad to be of help :-).
Vineet Reynolds  2010-07-21 21:06:45

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java