What are the alternatives for Java authentication?

Question

What are the alternatives for Java authentication?

Preferably what works well with the Flex interface. Yes Spring. The security guys say this is possible, but all the examples seem to use outdated jsp tag libraries, which makes them half useless as examples. I do not want to carry out a monthly setup and learn to use a security tool. I need a tool that supports the use of annotations (@RolesAllowed, etc.), MINIMAL XML, and Remember-me functions (not based on cookies).

Apache Shiro seems to support Flex / Silverlight / Swing, but I would like to know if there are other alternatives that are NOT specific containers.

+5

java security authentication flex

Manius May 08 '10 at 16:42

source share

3 answers

I don’t understand why Flex has to authenticate anything, because the client side. What prevents someone from decompiling your flash drive / flash drive?

For most people, Apache Shiro is redundant and they just collapse their own. It is not a good idea to be honest. Over the years, I have seen many terrible authentication systems. Cookies are intended for session tracking for a client, why use anything else?

Edit: Use spring secuirty for authentication.

0

rook May 08 '10 at 18:01

source share

Spring - , , .

BlazeDS . , , HTTP. Blaze URL-. , , URL- web.xml/ spring.

, spring Security/JAAS jsps URL- blaze.

Spring . mem-mem-me, cookie. " " .

, cookie. cookie , .

And finally, security is pointless without using https. You absolutely must use https throughout the application if you care about security.

0

Sripathi krishnan May 08, '10 at 21:10

source share

Manius · Accepted Answer · 2010-12-19T19:37:46+0000

Turns off Apache Shiro is a simple and easy to learn solution than Spring Security. And no stupid xml configuration is good.

What are the alternatives for Java authentication?

More articles: