Working with J2EE RI Security

Before you look at making your J2EE application security aware, you must spend a short time looking at the J2EE RI support for a simple authentication system.

The J2EE RI provides an authentication domain that can be used during application development. The RI security domain supports:

  • Realms— A realm defines users that are authenticated using the same mechanism. The J2EE RI defines two realms:

    • file— Consisting of users and passwords stored in an XML file

    • certificate— Consisting of users identified by X.509 digital certificates (certificates are used only to authenticate Web browser clients)

  • Users— Defines a username within the J2EE security domain. In the default realm, the username is the principal name. In the certificate realm, the common name on the certificate is the username.

  • Groups— Users in the default realm can be assigned to groups. Groups can be mapped onto role references to simplify security administration.

The J2EE RI is not intended to be a commercial server, so its support for administering users is simplistic but sufficient for development purposes. You can administer users with the command-line asadmin command or the Web-based Admin Console. Because this book is not a guide to the J2EE RI, no detailed discussion of adding users and groups is provided. Instead, you will use the Day 15 asant build files to create the users required for today's exercise.

For today's examples you will add five users to the file realm using the asant build files supplied in the Day15/examples directory. The required sample users are defined in Table 15.1.

Table 15.1. Agency Case Study Users

User     Password  Group
agency   agency    Administrator
romeo    romeo     Applicant
juliet   juliet    Applicant
winston  winston   Customer
george   george    Customer

To add these users run the command:

asant create-users

You do not need to do anything else, but if you want to look at the J2EE RI support for users in more detail, you can use asadmin to obtain a list of users with the command

asadmin list-file-users --user admin

Other asadmin commands for working with users are create-file-user, delete-file-user and update-file-user. Use the --help option to any of these commands to obtain details on how to use them.
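As an added example (not part of the book or its Day 15 build files), the following POSIX shell script recreates the five users from Table 15.1 with asadmin directly, and then checks that every user is present in the list-file-users output. It assumes that asadmin is on the PATH (override with the ASADMIN variable), that the admin user is named admin, and that create-file-user accepts the --passwordfile and --groups options as described by asadmin create-file-user --help; the table of users is a constructed copy of Table 15.1. The user password is passed through a temporary password file rather than on the command line so it does not appear in shell history or process listings.

```shell
#!/bin/sh
# Added example, not from the book: create the Table 15.1 users with asadmin
# and verify them. Assumptions: asadmin on PATH (or set ASADMIN), admin user
# "admin", and create-file-user accepting --passwordfile and --groups
# (check `asadmin create-file-user --help` for your server version).

ASADMIN="${ASADMIN:-asadmin}"
ADMIN_USER="${ADMIN_USER:-admin}"

# Constructed copy of Table 15.1: one "user password group" record per line.
agency_users() {
    cat <<'EOF'
agency agency Administrator
romeo romeo Applicant
juliet juliet Applicant
winston winston Customer
george george Customer
EOF
}

# Create one file-realm user. The password goes into a mode-600 temporary
# password file (AS_ADMIN_USERPASSWORD, an assumed key name) that is removed
# again afterwards, so it never appears on the asadmin command line.
create_file_user() {
    user="$1"; pass="$2"; group="$3"
    pwfile=$(mktemp) || return 1
    chmod 600 "$pwfile"
    printf 'AS_ADMIN_USERPASSWORD=%s\n' "$pass" > "$pwfile"
    "$ASADMIN" create-file-user --user "$ADMIN_USER" --passwordfile "$pwfile" \
        --groups "$group" "$user"
    rc=$?
    rm -f "$pwfile"
    return $rc
}

# Create every user listed by agency_users; stop at the first failure.
create_agency_users() {
    agency_users | while read -r user pass group; do
        create_file_user "$user" "$pass" "$group" || return 1
    done
}

# Verify that each expected username appears as a full line in the
# `asadmin list-file-users` output. Returns 0 when all are present and
# reports the missing names on stderr otherwise.
verify_agency_users() {
    listing=$("$ASADMIN" list-file-users --user "$ADMIN_USER") || return 1
    missing=""
    for user in $(agency_users | cut -d' ' -f1); do
        echo "$listing" | grep -qx "$user" || missing="$missing $user"
    done
    if [ -n "$missing" ]; then
        echo "missing users:$missing" >&2
        return 1
    fi
    return 0
}

# Usage: run both steps against a live server.
# create_agency_users && verify_agency_users
```

Setting ASADMIN=echo before calling create_agency_users prints the commands that would be run without touching the server, which is a convenient way to confirm the option syntax against the --help output first.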

You can also use the Admin Console Web interface to create and delete users and change an existing user's password. Figure 15.4 shows the Admin Console page displaying the users created for today's examples.

Figure 15.4. Using Admin Console to View J2EE RI Users.


NOTE

You must add these users to your J2EE server if you want to use the sample code provided on the accompanying Web site.

