--Using DBSecurityManager
1 post
• Page 1 of 1
--Using DBSecurityManager
This article is outdated - please use our new system at
https://doc.sibvisions.com
User authentication is a common requirement for business applications. Although it is a fairly simple task, implementation is often anything but easy. The more an application has to be integrated into an existing infrastructure, the more complex the implementation can be, e.g. Single Sign On.
The JVx framework allows the integration of any authentication system. The Security Manager concept allows the use of a new system at any time.
XmlSecuritymanager and DBSecurityManager have already been implemented. The DBSecurityManager checks a username and passwort against a user table in the database.
This table can be defined as follows:
- Code: Select all
CREATE TABLE USERS
(
ID INTEGER IDENTITY,
USERNAME VARCHAR(255) NOT NULL,
PASSWORD VARCHAR(255) NOT NULL,
CHANGE_PASSWORD CHAR(1) DEFAULT 'N',
VALID_FROM TIMESTAMP,
VALID_TO TIMESTAMP,
ACTIVE CHAR(1) DEFAULT 'Y',
FIRST_NAME VARCHAR(20),
LAST_NAME VARCHAR(20),
EMAIL VARCHAR(255),
PHONE VARCHAR(20),
CONSTRAINT USR_PK PRIMARY KEY(ID),
CONSTRAINT USR_NAME_UK UNIQUE(USERNAME)
)
Config.xml has to be adapted to enable the use of the Security Manager:
- Code: Select all
<application>
...
<securitymanager>
<class>com.sibvisions.rad.server.security.DBSecurityManager</class>
<database>
<url>jdbc:derby://localhost:1527/demo</url>
<username>user</username>
<password>pwd</password>
</database>
</securitymanager>
...
</application>
Everything else is handled by JVx:
- Verifying the username
- Verifying the password
- Verifying validity
- Verifying activation
For the implementation of alternative authentication systems see Implementing the Security Manager.
-
Development@SIB - Posts: 325
- Joined: Mon Sep 28, 2009 1:54 pm
1 post
• Page 1 of 1