SRV.11.3 Programmatic Security

Previous page
Table of content
Next page

Programmatic security is used by security aware applications when declarative security alone is not sufficient to express the security model of the application. Programmatic security consists of the following methods of the HttpServletRequest interface:

  • getRemoteUser

  • isUserInRole

  • getUserPrincipal

The getRemoteUser method returns the user name that the client authenticated with. The isUserInRole queries the underlying security mechanism of the container to determine if a particular user is in a given security role. The getUserPrincipal method returns a java.security.Principal object.

These APIs allow servlets to make business logic decisions based on the logical role of the remote user. They also allow the servlet to determine the principal name of the current user.

If getRemoteUser returns null (which means that no user has been authenticated), the isUserInRole method will always return false , and the getUserPrincipal will always return null .


Previous page
Table of content
Next page
Java 2 Platform, Enterprise Edition. Platform and Component Specifications
Java 2 Platform, Enterprise Edition: Platform and Component Specifications
ISBN: 0201704560
EAN: 2147483647
Year: 2000
Pages: 399
Authors: Bill Shannon, Mark Hapner, Vlada Matena, James Davidson, Enterprise Team, Eduardo Pelegri-Llopart, The Enterprise Team
BUY ON AMAZON
Image Processing with LabVIEW and IMAQ Vision
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
MySQL Clustering
MySQL Cookbook
Quantitative Methods in Project Management
Java All-In-One Desk Reference For Dummies
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy