Role of JSP in J2EE / Basic Authentication

aniseedsplashΛογισμικό & κατασκευή λογ/κού

15 Αυγ 2012 (πριν από 4 χρόνια και 4 μήνες)

293 εμφανίσεις

1

Chapter 16:

Role of JSP in J2EE /

Basic Authentication

Reference: Beginning JSP

2

Objectives


Structure of a Web Application


Web Application Deployment Descriptor


Web.xml


Packaging & Deploying a Web Application


Basic Authentication

3

Structure of a Web Application


Reference: Page 512


A
Web application

provides a standard means
of
packaging all the JSP files and all other
application resources

in manner that all J2EE
-
compliant Web application servers can
understand.


Required Directory Structure

webapp/




-

root of Web app


WEB
-
INF/
web.xml


-

DD of Web app


WEB
-
INF/classes


-

Java classes


WEB
-
INF/lib



-

JAR files

4

Web.xml: Deployment Descriptor (DD)


Common JSP


Jsp
-
config


Context
-
param


Welcome
-
file
-
list


Error
-
page


Enterprise JSP


Login
-
config


Security
-
constraint


Security
-
role


Env
-
entry


Resource
-
ref


Servlet


Servlet
-
mapping


5

Packaging & Deploying a Web App


Without NetBeans


manually create a zip (WAR) file following the
structure of a Web app


In NetBeans


WAR file is automatically created when you
Run Project.


Alternative: Build Project


Destination:


<netbeans project dir>
\
dist
\
ch16
-
src.war


6

Basic Authentication


Reference: Page 528
-
529


In tomcat
-
users.xml


<
role

rolename="
chapter16role
"/>


<
user

username="
chapter16
" password="
chapter16
"
roles="
chapter16role
"/>



7

Basic Authentication (2)


In web.xml



<security
-
role>


<role
-
name>
chapter16role
</role
-
name>


</security
-
role>


<security
-
constraint>


<web
-
resource
-
collection>


<url
-
pattern>/
showDate.jsp
</url
-
pattern>


</web
-
resource
-
collection>


<auth
-
constraint>


<role
-
name>
chapter16role
</role
-
name>


</auth
-
constraint>


</security
-
constraint>


<login
-
config>


<auth
-
method>
BASIC
</auth
-
method>


<realm
-
name>
Chapter 16 Realm
</realm
-
name>


</login
-
config>


Warning:

No encryption!

8

Demo: Using ‘
tomcat
’ Role


Existing
tomcat
-
users.xml


<user name="
tomcat
" password="
tomcat
" roles="
tomcat
" />


In
web.xml



<security
-
constraint>


<web
-
resource
-
collection>


<url
-
pattern>/
showDate.jsp
</url
-
pattern>


</web
-
resource
-
collection>


<auth
-
constraint>


<role
-
name>
tomcat
</role
-
name>


</auth
-
constraint>


</security
-
constraint>


<login
-
config>


<auth
-
method>
BASIC
</auth
-
method>


<realm
-
name>
Chapter 16 Realm
</realm
-
name>


</login
-
config>


9

Next Steps


Try It Out sections of Textbook (Chapter
16)


For more Web app security options, see
Chapter 24 (Security)