users@glassfish.java.net

Easiest and most portable way to authenticate programatically.

From: <glassfish_at_javadesktop.org>
Date: Sun, 07 Feb 2010 15:01:48 PST

Hi,

I'm trying to figure out an easy way that I can authenticate to both the web and EJB tier of Glassfish, but I want to gather credentials (userid, password) from my users rather than using BASIC or FORM based authentication via the web.

I'm trying to come up with a solution that will work with both a Flex based (in browser) and an AIR based (not in browser) UI. This guy posts directly to j_security_check and the concept is similar to what I'd like to do:

http://www.object-factory.org/?p=26

I think I could use ProgrammaticLogin if it comes to it, but I'd prefer a solution that is portable between application servers. As a last resort I could probably even write a custom realm.

However, all I want to do is authenticate to the container and have it handle everything else. Is there any way I can get access to the (instance of) LoginContext that is being used by Glassfish?

I'd really appreciate any help / suggestions. I've read tons and tons on the subject and I haven't found a solution that works as well as I'd like.

I'm also going to add some feedback about authentication in general with JavaEE. Container based authentication is fantastic for people like me that don't want to get too deep into JAAS. However, I don't think that having the container responsible for gathering credentials works very well.

I've used container based authentication in standalone java clients (ACC), web based clients (j_security_check / FORM web auth), flex clients (BASIC web auth), and AIR clients (BASIC web auth). In every case the gathering of credentials is disgustingly ugly and error handling is non-existent. The only thing that I consider satisfactory is FORM based authentication in the web tier, but it's not an option for most front ends.

Why not leave it up to the UI / application designer to gather the appropriate credentials and pass them to the container? Please don't take my feedback in too negative of a context. My intent is to provide feedback, not criticism and it's entirely likely there may be a good way of dealing with my problem that I'm not aware of.

Thanks in advance for any help,
Ryan
[Message sent by forum member 'jptech' (ryan_at_jptech.ca)]

http://forums.java.net/jive/thread.jspa?messageID=385338
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.