[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 373
  • Last Modified:

creating a web portal using J2EE

I'm planning to use J2EE to implement a web site that requires users to register or log in to their accounts before they can use the site. I tried implementing the login & registration methods myself, but came to realize that 1) this same code must have already been written many times, 2) creating good registration and method script isn't simple, since there are many special cases related to security. Here are a few of the special cases:

-IP addresses attempting to login should be recorded, and temporarily disabled following too many unsuccessful attempts.
-Usernames and passwords must be well-formed and able to withstand dictionary-based attacks.
-The rate of registrations from a single ip address must be limited.
-Ideally, a users would have to mirror the letters displayed in a jpeg in order to register for a new account.

If it matters, I was planning to use JBoss, MySQL, Apache, and Debian Linux.

QUESTION: How can I avoid having to write registration and login methods? Are there existing classes I can use, or are there entire frameworks that run on top of J2EE that provide registration/login functionality? How would a professional J2EE programmer build such a site?

Thank you very much!
0
bobwood2000
Asked:
bobwood2000
  • 2
2 Solutions
 
reginabCommented:
<QUESTION: How can I avoid having to write registration and login methods? Are there existing classes I can use, or are there entire frameworks that run on top of J2EE that provide registration/login functionality? How would a professional J2EE programmer build such a site? >

I would probably download jetspeed at least to use as a template to get you started.

of course the original objective of java was reuseable code so I think you are right not to exhaust yourself overly with recreating the wheel.

Start here I think:

http://portals.apache.org/
http://portals.apache.org/jetspeed-1/

and then here:
http://struts.apache.org/
0
 
petmagdyCommented:
Hi bobwood2000,

I worked before on Jakarta jetspeed:

http://portals.apache.org/jetspeed-1/

it has out of the box registration and Login, has also ready plugins for LDAP based or database authentication, i tried it before with OpenLDAP, privides encrypted passwords and work over any J2EE Server including JBOSS and I tried it on orion server, also it is very powerful portal framework and opensource , (IBM Websphere Portal is based on Jetspeed)
also take a look on the role based security features:

http://portals.apache.org/jetspeed-1/security.html

Cheers!
0
 
bobwood2000Author Commented:
Thanks Reginab & Petmagdy. Before I got your responses I didn't even realize that there was a whole class of software to implement j2ee web portals.

Now I'm trying to decide between using JetSpeed-2, Exo, and Liferay. All claim to be JSR-168 complaint, but perhaps some include more extensive API's or come bundled with more portlets. I probably don't need an especially extensive API, and while I might make use of some existing portlets, writing my own portlet will be of much greater importance. Which portal of these portals do you think would be best for me?

Thanks.
0
 
reginabCommented:
I think the jetspeed is pretty nice, and gives you good ideas for taking it other directions. things you can change and expand on,  it will also give you clear hierarchal guidance in the parent child relationships required in controlling your portals access to different things. which can be murky but I think is fine in jetspeed.  good luck.
0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now