Several Java Servlet Authentication Methods

Question

Several Java Servlet Authentication Methods

Is it possible to have multiple authentication methods for a Java servlet? For example, in addition to forms-based authentication, in addition to opening an id-based identifier , so that users can choose how they enter the system.

+5

java

Kththunder Jun 18 '10 at 2:39

source share

3 answers

JAAS, Java. JAAS, , , , . PAM ( ). "J2SE JAAS" Google http://server.pramati.com/docstore/1270002/index.htm. , .

+1

WindsurferOak 18 . '10 5:11

, , , , .

, SpringSecurity , OpenId, X509 , , , .

0

Stephen C 18 . '10 2:56

bguiz · Accepted Answer · 2010-06-18T04:53:42+0000

Yes.

However, I would suggest doing this using servlet filters, and not just on the servlet itself.

http://brendangraetz.wordpress.com/2010/06/17/use-servlet-filters-for-user-authentication/

Follow the steps in this article and override the method isAuth()so that it authenticates in any mode. In (very rude, unverified) code:

@Override protected boolean isAuth()
{
    String authMode = (String)(getSession(true).getAttribute("authMode"));
    if (authMode == null) { return false; }
    if (authMode.equals("open id") {
        //do open id authentication steps here
        //return true if authentication passes
    }
    else if (authMode.equals("some other authentication") {
        //do some other authentication steps here
        //return true if authentication passes
    }
    ...
    return false;    
}

, , , .

"" , HTTP , HTTP. , , , .

Several Java Servlet Authentication Methods

More articles: