Karolski
Hello All,
This is my first post here, so please be patient.
It's all about J2EE technology.
I'm working on some kind of two-level authorization. Let me explain.
The web browser would be the client.
- There are some applications which work with the database (app1, app2, app3...appN)
- There are users (user1, user2, user3...userM)
- Any single user belongs to a group (or groups) (group1, group2, group3...groupO)
- Any single group has access to a different set of applications, i.e.
  group2 has access to app1, app2, app7 (so users belonging to that group have access to app1, app2, app7)
  group5 has access to app2, app10, app12

All information about users (including login and password) is stored in a database. I would like to have a web interface where users can log in (giving their password and login). If the login is correct, the user will see the applications which are available to him. This part would be created with simple session objects. Next, I have to protect those applications, so that no one else can use them. My first thought was to protect them with, for example, basic-auth. This is very comfortable for the people developing those apps, because it is very simple to protect the apps with basic-auth using Deploytool (we are using Sun Java ONE App Server). But, on the other hand, users should know many logins and passwords. I'm wondering if there is a better solution for that.
Thanks in advance for all ideas.
greetings,
Karolski