Java EE 6 Security Model: How to add or delete user
Question
I read most of the documentation, I only see the use of @RolesAllowed or @DeclareRoles , how can I add user or delete user. I have a table of users with username and password in my database, how can I make my web app to authenticate those user? How can I map these user (principal) to a particular roles. Samples code would be greatly appreciated. Thank you very much
2 answers
solution1
4 ACCPTED 2010-07-21 18:24:58
A JAAS Login module is required to authenticate the user, establish the principals, that can enable the mapping of users/principals existing in the database to roles defined in the source code.
Assuming that you are using GlassFish v3 for Java EE 6, you need to create and configure a JDBC realm in GlassFish for this purpose. Be forewarned that the realm configuration might not have a one-to-one mapping with the user table in your database, in which case you either need to modify the table definition, or extend the login module to create your own scheme.
Despite setting up the database realm, you would still need to map the Java EE roles defined in your source code, to the actual roles in the realm. That is accomplished using the application server specific deployment descriptors.
solution2
1 2010-07-21 18:24:12
JavaEE doesn't define the management of users and roles, only how the application interacts with them.
It is up to the specific server implementations to define that functionality as they see fit.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.