Solved

J2ee Security on web application

Posted on 2004-04-09
6
170 Views
Last Modified: 2013-11-24
Hello,

I think my question is very basic, nevertheless I have searched on the web and have not been able to come up with a satisfying solution for my problem. I might be searching on the wrong keywords or I might be looking for something that is never done the way I want to, so here goes..

I'm working on an intranet application in a J2EE environment (JBoss appserver), mainly using EJBs and servlets. I want to set up the EJB security using the regular J2EE role based mechanism. However, I want the actual users of my application to reside in a Database table, each one mapped to one or more roles defined in the J2EE security.
The idea is, a user logs into the application using a servlet and probably a EBJ. Now, somehow I have to let JBoss know what roles (i.e. what EJB rights) this logged in user has, so JBoss knows what methods/EJB this user may or may not invoke.
Now, how can I do this last part? How can I map a username (not known to JBoss itself) to a role JBoss can authorize?

Thanks in advance ;)

0
Comment
Question by:lizzzard
  • 3
  • 2
6 Comments
 
LVL 14

Accepted Solution

by:
Tommy Braas earned 150 total points
Comment Utility
Is this what you're looking for? http://www.ejbsolutions.com/products/obox/community/ch18.html

The updated version of the document above is available for download for free at:
http://www.ejbsolutions.com/downloads/obox/community/index.html
0
 

Author Comment

by:lizzzard
Comment Utility
Thanks for your comment Orange, but that' snot what Im looking for. I already have my entire platform setup and am well underway developing. I only need the conceptual solution for the problem Im facing.
0
 

Author Comment

by:lizzzard
Comment Utility
No, wait! I didnt see the first link at first, only saw the obox product site.
I'll look into it!

Thanks
0
 

Author Comment

by:lizzzard
Comment Utility
Hello :)

Sprry for the late reply, but got busy with other issues. I looked into it, and this seems about what I needed. Thanks for your suggestion ;)

Regards,
Lizzzz
0
 
LVL 14

Expert Comment

by:Tommy Braas
Comment Utility
=-)
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

By the end of 1980s, object oriented programming using languages like C++, Simula69 and ObjectPascal gained momentum. It looked like programmers finally found the perfect language. C++ successfully combined the object oriented principles of Simula w…
Java Flight Recorder and Java Mission Control together create a complete tool chain to continuously collect low level and detailed runtime information enabling after-the-fact incident analysis. Java Flight Recorder is a profiling and event collectio…
Viewers learn how to read error messages and identify possible mistakes that could cause hours of frustration. Coding is as much about debugging your code as it is about writing it. Define Error Message: Line Numbers: Type of Error: Break Down…
Viewers will learn about if statements in Java and their use The if statement: The condition required to create an if statement: Variations of if statements: An example using if statements:

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now