geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: Security app
Date Wed, 12 Oct 2005 22:01:51 GMT
Some info to get you started is in this developerworks article:

http://www-128.ibm.com/developerworks/java/library/os-ag-security/ 
index.html

it is only slightly out of date :-)  I think the problems mentioned in  
it have been fixed in M5.

I may not understand your application well enough, but I think you will  
need to go beyond declarative j2ee security and implement some logic to  
determine whether the user can download a file: you don't normally  
change permissions dynamically for a user depending on whether they  
have paid or not.

Hope this helps,
david jencks

On Oct 12, 2005, at 2:41 PM, <tbot55@yahoo.com> wrote:

> I'm looking into building a simple application that
> implements the security features of Geronimo that can
> later be built upon.
>
> The security aspect I'd like to focus on is limiting
> access for certain users to a page, similar to HTTP
> authentication.
>
> This brings up a few questions:
>  - Where are the user names/passwords kept?
>  - Is there a URL someone could point me to that
>    documents any of the APIs above?
>
> The purpose of the application is this: At the end of
> the shopping cart process for a purchased electronic
> item, such as an eBook, the application would give the
> buyer access (by providing a user name/password) to
> the directory where the file exists for download.
> Without which, the user would not otherwise be able to
> access the directory and download the product.
>
> Any tips/pointers to any recommended API and/or
> documentation would be greatly appreciated!
>
> Thanks!
> Tyler
>
>
> 		
> __________________________________
> Yahoo! Music Unlimited
> Access over 1 million songs. Try it free.
> http://music.yahoo.com/unlimited/
>


Mime
View raw message