You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Paul Saumets <pa...@merge-solutions.com> on 2007/02/27 22:29:00 UTC
[S2] LoginAction - Best approach feedback?
Accept Tentative Decline Calendar
Accept Tentative Decline Calendar
Hey,
Looking for feedback on best way to implement a login action mechanism using Struts2/Spring/JPA
Initially I had declared userName and userPassword setters inside my action class and proceeded to call
a validateUser method inside my userService class.
the userService class injects a userdao object and I validate through calling the userdao method validate(String username, String password).
This validate method instantiates a new UserEntity object and a query is performed (jpa) grabbing all entities where login = username (which will be a single entity since username must be unique).
I have this approach working. I would like to know if there is a better way to do this though. Perhaps by declaring a UserEntity obj inside my LoginAction class and having setters called for this obj.
Then I could change my validate to pass along the new UserEntity obj via validate(UserEntity user).
My problem is I'm not entirely sure how I would compare against data in my db using JPA?
Would your validate method then have a findAll() method and then iterate through the list comparing against new UserEntity obj? That make sense?
That would seem very poor though to be since a large userlist could be taxing to iterate over.
Any guidance or tips? :)
Thanks all!
Regards,
Paul
Re: [S2] LoginAction - Best approach feedback?
Posted by ab...@br.ibm.com.
Are you working on this "for fun" or you are really intending to do this
on an production environment?
If you are considering a "real world" solution, maybe it would be
interesting to use web-container-based authorization: I use this
throughout my intranet site and I like it very much, because I simply
don't *NEED* to implement authorization code inside my applications
whatsoever: just configure the web.xml defining roles and such and
*PRESTO!*. And with JAAS you can integrate this login method with
virtually *ANY* preexistent authentication solution.
Hope it helps...
"Paul Saumets" <pa...@merge-solutions.com>
27/02/2007 18:29
Please respond to
"Struts Users Mailing List" <us...@struts.apache.org>
To
user@struts.apache.org
cc
Subject
[S2] LoginAction - Best approach feedback?
Accept Tentative Decline Calendar
Accept Tentative Decline Calendar
Hey,
Looking for feedback on best way to implement a login action mechanism
using Struts2/Spring/JPA
Initially I had declared userName and userPassword setters inside my
action class and proceeded to call
a validateUser method inside my userService class.
the userService class injects a userdao object and I validate through
calling the userdao method validate(String username, String password).
This validate method instantiates a new UserEntity object and a query is
performed (jpa) grabbing all entities where login = username (which will
be a single entity since username must be unique).
I have this approach working. I would like to know if there is a better
way to do this though. Perhaps by declaring a UserEntity obj inside my
LoginAction class and having setters called for this obj.
Then I could change my validate to pass along the new UserEntity obj via
validate(UserEntity user).
My problem is I'm not entirely sure how I would compare against data in my
db using JPA?
Would your validate method then have a findAll() method and then iterate
through the list comparing against new UserEntity obj? That make sense?
That would seem very poor though to be since a large userlist could be
taxing to iterate over.
Any guidance or tips? :)
Thanks all!
Regards,
Paul