0

Is it possible to achieve user authentication at EJB level?
All resources and tutorials I found say ho to do this in servlets (HttpServletRequest)... My application is based on couple JSF pages and one servlet. All I want to do is to authenticate user via JSF page and remember authentication across all application until user logs out or close browser. Moreover I prefer to stick to "raw" Java EE and not use any frameworks.

It seems to be still very unclear for me after I read many articles and question at stackoverflow.

Chandra Sekhar
  • 16,256
  • 10
  • 67
  • 90
Goofy
  • 5,187
  • 5
  • 40
  • 56

1 Answers1

1

You have plenty of choices, see this question. But of all these solutions applies to JSF layer, I don't think you can have direct validation from your JSF/JSP pages to EJB beans(and I don't see why would you want to, because all of above are 100% Java EE solution).

But if want to secure your EJB methods and classes against unathorized access then here is a small example how to do that

Community
  • 1
  • 1
Petr Mensik
  • 26,874
  • 17
  • 90
  • 115