Tuesday, 1 May 2012

File realm & role based security with Glassfish 3.1






Here in this video you can see how i create a simple security realm that uses a file in a safe place in the app server to store the credentials. One thing i forgot was to show you how to logout :)
Don't worry is not very difficult, for that you can implement your own logout servlet to invalidate the session.
Here is some example of code for logging out:


1:  @WebServlet(name = "LogoutServlet", urlPatterns = {"/logout"})  
2:   public class LogoutServlet extends HttpServlet {  
3:   @Override  
4:   protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {  
5:    //Invalidates the session  
6:    request.getSession(false).invalidate();  
7:    // Redirects back to the initial page.  
8:    response.sendRedirect(request.getContextPath());  
9:   }  
10:   }  

Also here there is an image to show where can you enable HTTPS for the admin panel:


Note: The SSL certificate that comes with glassfish is expired that is the reason why you will see a warning message before you login.

No comments:

Post a Comment