Security
Problem
The OMS application requires that only authenticated users can search for services and
place orders. Anonymous users should be prevented from pasting a URL in the browser's
address bar and accessing a page in the application.
Forces
• Only valid users are allowed entry into the application.
• Every entry point into the application should be guarded by authentication.
• All authenticated users should have the appropriate roles/authority to access
secure system resources.
Solution
All these forces probably are familiar to you. You guessed right: you will need to
implement the Authentication and Authorization Enforcer design pattern to solve this
problem. I will not delve much into the details of this solution because the entire
problem can be addressed by this pattern described in Chapter 6.
Java Server Pages
Problem
The OMS application needs to display dynamic data to the end users. It also needs to
show controls such as text fields and buttons for the users to interact with the
application. The dynamic data and controls must be presented in a particular layout. It
should be easy to rearrange the position of the data and controls in the layout with
configuration. The layout should be flexible enough to add or remove new content.
 