I am having a tough time wrapping my mind around the EE paradigms.
I want to authenticate users based on a token in the incoming url.
The authentication token is the md5sum of their name and a shared secret salt string.
This can be generated by anyone who knows the secret salt string.
e.g.
http://server/webapp?authToken=6652bb81bb1e16cb8ebbc613ba0ce367
At some point the web app needs to query the database and generate a map of authTokens to actual client names.
I have a DB where I can run a query like:
SELECT DISTINCT clientName FROM client_table;
The webapp iterates over the resultset, generating the tokens and puts the client name into the map under the authToken as the key.
I would like to be able to update the map without having to restart the webapp.
I am assuming the map lives in the applicationScope.
Questions:
Should this be a singleton?
Does this go into a Servlet?
How does a Servlet put things into the applicationScope?
Does this go into a Bean?
What kind of Bean?
How does a Bean put things into the applicationScope?
Does this go into a jspf?
How do I use @Resource to reference the connectionPool for the sql query?
Do I want method injection or class injection?
How do I iterate over a keySet in jstl?
How do I wire up the resource with the reference to the connectionPool?
This is where I am so far but I am just getting more lost.
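[code]
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.Map;
import javax.annotation.Resource;
import javax.sql.DataSource;

// The container only processes @Resource on classes it manages (servlets,
// listeners, EJBs, managed beans). On a hand-built singleton the annotations
// are ignored, so the DataSource is passed in explicitly.
@Resource(name = "clientNameDataSource", type = javax.sql.DataSource.class)
public class TokenHandler {
    private final static String salt = "Some secret";

    @Resource
    private DataSource tokenDataSource;
    // volatile: initializeTokens() swaps in a new map while other threads read it
    private volatile Map<String, String> tokenMap;
    private static TokenHandler singleton;

    // The caller supplies the DataSource on first use; later calls return the same instance.
    public static TokenHandler getInstance(DataSource ds) {
        synchronized (TokenHandler.class) {
            if (singleton == null) {
                singleton = new TokenHandler(ds);
            }
            return singleton;
        }
    }

    private TokenHandler(javax.sql.DataSource ds) {
        this.tokenDataSource = ds;
        initializeTokens();
    }

    public void initializeTokens() {
        Map<String, String> fresh = new HashMap<String, String>();
        // try-with-resources returns the connection to the pool even on failure
        try (Connection con = tokenDataSource.getConnection();
             PreparedStatement stmt = con.prepareStatement("SELECT DISTINCT client FROM tca_measured_trade");
             ResultSet rs = stmt.executeQuery()) {
            while (rs.next()) {
                String clientName = rs.getString(1);
                // TokenGenerator is the poster's own helper class (not shown in the post)
                fresh.put(TokenGenerator.generate(clientName, salt), clientName);
            }
        } catch (SQLException ex) {
            throw new IllegalStateException(ex);
        }
        tokenMap = fresh; // publish the fully built map in one step
    }

    public boolean isValid(String token, boolean reinit) {
        return getClientName(token, reinit) != null;
    }

    // With reinit == true, every unknown token triggers a full reload from the database.
    public String getClientName(String token, boolean reinit) {
        String clientName = tokenMap.get(token);
        if (clientName == null && reinit) {
            initializeTokens();
            clientName = tokenMap.get(token);
        }
        return clientName;
    }
}
[/code]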
[Message sent by forum member 'datasurfer' (datasurfer)]
http://forums.java.net/jive/thread.jspa?messageID=256637
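
The token scheme described in the post, as an added example that is not part of the original post or the poster's code: it assumes the token is the hex MD5 of the client name followed by the salt (the post shows neither TokenGenerator nor the concatenation order) and sets an HMAC-SHA256 form of the same token beside it. The class name TokenSketch, its method names, and the sample client names and secret are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.*;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical stand-in for the post's TokenGenerator; all names here are assumptions.
public class TokenSketch {
    // Assumed form of the post's token: hex(MD5(clientName + salt)).
    static String md5Token(String clientName, String salt) throws GeneralSecurityException {
        byte[] input = (clientName + salt).getBytes(StandardCharsets.UTF_8);
        return hex(MessageDigest.getInstance("MD5").digest(input));
    }

    // Keyed variant: hex(HMAC-SHA256(key = secret, message = clientName)).
    static String hmacToken(String clientName, String secret) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
        return hex(mac.doFinal(clientName.getBytes(StandardCharsets.UTF_8)));
    }

    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) sb.append(String.format("%02x", b));
        return sb.toString();
    }

    // Token -> client name map as the post describes, built from the query's result rows.
    static Map<String, String> buildTokenMap(Collection<String> names, String secret)
            throws GeneralSecurityException {
        Map<String, String> map = new HashMap<>();
        for (String name : names) {
            if (map.put(hmacToken(name, secret), name) != null) {
                throw new IllegalStateException("two client names produced the same token");
            }
        }
        return map;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        String secret = "constructed-demo-secret"; // constructed sample value
        Map<String, String> tokens = buildTokenMap(Arrays.asList("acme", "globex"), secret);
        System.out.println("md5 form : " + md5Token("acme", secret));
        System.out.println("hmac form: " + hmacToken("acme", secret));
        System.out.println("lookup   : " + tokens.get(hmacToken("acme", secret)));
        System.out.println("unknown  : " + tokens.get(md5Token("acme", secret)));
    }
}
```

The last line prints null because the map is keyed by the HMAC form, so a token of the other form is simply an unknown key.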