Java EE 7 dynamic user roles

Question

My problem is the integration of a security system in my java ee 7 web application with glass fish 4. I have seen several examples of authentication declarative but also programmatic but none of them covered my problem. In my application i have 2 groups which need authentication.

ADMIN = All access rights
EMPLOYEE = Only a subset of the admin rights.

The problem is that the users of these groups are always changing so i want to store all the users in a DB table. Also i want to use @RolesAllowed annotation and programmatic security like ctx.isCallerInRole("ADMIN") because of simplicity.

Summary: I want to store all users in a database table and i want to use @RolesAllowed annotation and programmatic security like ctx.isCallerInRole("ADMIN"). Is this possible to accomplish?

Puce · Accepted Answer · 2014-04-03T08:38:52.390

2

Yes, this is possible. E.g. look for the "JDBC Realm".

Here is an older tutorial. It might still work with GlassFish 4, though:

https://blogs.oracle.com/swchan/entry/jdbcrealm_in_glassfish

edited Apr 03 '14 at 08:38

answered Apr 03 '14 at 08:20

Puce

37,247
13
80
152

so with JDBC Realm i can also use these annotations? – perotom Apr 03 '14 at 08:24
1

Yes, the realm used is independent of the annotations in the project. – MasNotsram Apr 03 '14 at 08:25

Java EE 7 dynamic user roles

1 Answers1