0

I'd like to develop a servlet whichs works as a datalayer between a porlet written in JavaScript (ExtJS) and a database.

Thus I downloaded Eclipse JavaEE and created a sample servlet project. I also successfully deployed a servlet which receives a http-get-request, calls the DB and outputs the result.

But everyone who nows the servlet-uri can call it and sees the result. Thats where it gets tricky - how do I secure my servlet so that only a authenticated/logged in user can call my servlet or how can my servlet check wether the requester is a valid user?

There is a similar question about that Topic but I'm not sure if this is about the same problem: How to create a top-level servlet in liferay

Unfortunately I have no clue how to get the liferay-libraries (e.g. PortalUtil) into my servlet-project. How do I do this step by step?

Is this concept even a good way to secure the datalayer or are there better options?

Any help is appreciated!

Community
  • 1
  • 1
user1821243
  • 33
  • 3
  • Any particular reason why you're writing a *servlet* for Liferay instead of a *portlet*? If you want to utilize the identity management of a portal, you should use the portal infrastructure, which you get in a portlet. – Olaf Kock Sep 25 '15 at 09:34
  • Because we do have an ExtJS-Application which we can not modify. We only know the input and output this application expects. – user1821243 Sep 29 '15 at 08:33

0 Answers0