3

I found there are 2 types of authentication mechanism in JSF.

  1. JAAS (Java Authentication and Authorization Service)
  2. Container managed

(please correct if I am wrong)

I tried searching for a better tutorial that guide to learn any of those method. Unfortunately I was ended up in many of uncompleted lessons. Can any one provide me a solid tutorial or any guide where I can catch the rope.

Muneer
  • 7,384
  • 7
  • 38
  • 62
  • You should be more precise about your environment. Are you using JavaEE6/JSF2? There is a related discussion on Stackoverflow about authentication in this environment: http://stackoverflow.com/questions/2206911/best-way-for-user-authentication-on-javaee-6-using-jsf-2-0 – Wolkenarchitekt Jul 01 '10 at 10:23
  • I am using JavaEE6/JSF2 with GlasfissV3 server. – Muneer Jul 02 '10 at 20:27
  • 1
    there is a tutorial available for authenticate and authorize users in a Java EE 6 using JSF: http://apex.oracle.com/pls/apex/f?p=44785:24:0::NO:24:P24_CONTENT_ID,P24_PREV_PAGE:6517,2 – user1704023 Sep 27 '12 at 16:47

2 Answers2

2

There are not just 2 types of authentication mechanisms (regardless of JSF). The Oracle (SUN) documentation is actually very good and I would recommend it:

Tutorial

It discusses how to address security requirements in web tier and enterprise tier applications. Namely:

  1. Getting Started Securing Web Applications - discusses and provides examples for adding security to web components such as servlets.
  2. Getting Started Securing Enterprise Applications - discusses adding security to Java EE components such as enterprise beans and application clients.
Ross
  • 3,008
  • 1
  • 22
  • 27
  • Thaaaks for the link Ross. I will check it and come back. Do you know any other Tutorial other than the Documentation? – Muneer Jul 02 '10 at 20:31
  • 1
    The following link covers form based authentication for a web application that is deployed to Tomcat or GlassFish: http://monstersandwich.blogspot.com/2010/03/shopping-cart-web-application-security.html – Ross Jul 03 '10 at 05:25
  • Thanks for the comment Ross. This is a nice tutorial creating a full JSP app. Still, this is not covering the authentication in detail. It has an overall summary with code download only. Any way thanks for the link – Muneer Jul 03 '10 at 05:50
1

Correct name is JAAS (Java Authentication and Authorization Service) not JASS.

Have you been here?

Regards

sourcerebels
  • 5,140
  • 1
  • 32
  • 52