Reputation: 923
Java EE 7 dynamic user roles
My problem is the integration of a security system in my java ee 7 web application with glass fish 4. I have seen several examples of authentication declarative but also programmatic but none of them covered my problem. In my application i have 2 groups which need authentication.
- ADMIN = All access rights
- EMPLOYEE = Only a subset of the admin rights.
The problem is that the users of these groups are always changing so i want to store all the users in a DB table. Also i want to use @RolesAllowed annotation and programmatic security like ctx.isCallerInRole("ADMIN") because of simplicity.
Summary: I want to store all users in a database table and i want to use @RolesAllowed annotation and programmatic security like ctx.isCallerInRole("ADMIN"). Is this possible to accomplish?
Upvotes: 0
Views: 1169
Answers (1)
Reputation: 38132
Yes, this is possible. E.g. look for the "JDBC Realm".
Here is an older tutorial. It might still work with GlassFish 4, though:
https://blogs.oracle.com/swchan/entry/jdbcrealm_in_glassfish
Upvotes: 2
Related Questions
- Security constraint in web.xml for authenticated users without role memberships
- What is the best approach to create a role based web application?
- User and Role Management in java with LDAP
- dynamic roles on a Java EE server
- Add Java EE Security Roles dynamically without using deployment descriptor
- Look for a role-based authentication solution in java
- Programmatic login based on JDBCRealm
- Programmatically add roles after authentication
- How to authenticate users by their role declarative?
- Glassfish 3 security - Form based authentication using a JDBC Realm