Authorization and authentication on the web application with JSF, Hibernate and Tomcat

纵饮孤独 提交于 2019-12-25 02:00:24

问题


I am programming a Web-Application with Java EE, JSF, Hibernate, MySQL by using Eclipse and Apache Tomcat. I do not use Spring, EJB or etc.

I have simple login page. There are two inputs for username and password and submit button to pass values of inputs to the bean. If entries of users are matched with records in DB, then next page is opened. However, this process has a lack of security. If user enters a URL of next pages, he/she can easily skips login process without any security.

I know that my application needs authentication and authorization. I have googled these terms for three days. I learned lots of things, but I do not have found a simple solution for the application with JSF, Hibernate and worked on Apache Tomcat.

Is there any simple example that contains this kind of configuration? I do not need detailed management. Just a simple authentication (also maybe authorization).

I am really tired, please help me.

EDIT (1):

I chose "container managed authentication" as a login strategy and I develeped some code. com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Unknown column 'USER_NAME' in 'where clause' - container managed authentication. However, I get com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException. I hope to reach the solution, if you help me. All feedback appreciated!

EDIT (2):

I realized that "container managed authentication" has strict rules and it limits the freedom of coding. Programmer cannot write code based on requirements of application with this solution. Because of that, I implement Servlet-Filter solution which is old, but powerful, in my app. If you want to try new ones, Apache Shiro may be an option. I advise to look at the article of http://balusc.blogspot.com.tr/2013/01/apache-shiro-is-it-ready-for-java-ee-6.html#ProgrammaticLogin


回答1:


Try using Spring security, it will allow to protect the application with authentication and authorization. See this tutorial as a starting point.



来源:https://stackoverflow.com/questions/23087056/authorization-and-authentication-on-the-web-application-with-jsf-hibernate-and

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!