[Exercises] Summary of Exercises for Java EE Security

  1. FORM Based Authentication - Without Container Template

    1. Create a Dynamic Web Project with a web.xml file; name it ServletSecurity.

    2. Create a servlet RestrictedServlet with URL pattern “/RestrictedServlet” that prints “Restricted Servlet” to the client.

    3. Create a servlet LoginServlet with URL pattern “/LoginServlet” that gets the username and password from the client and validates them against a dummy HashMap of usernames and passwords.

    4. Create a form in a JSP/HTML file for authenticating users with FORM based authentication, using custom fields for username and password, and submit the form to LoginServlet.

    5. Create a JSP/HTML file to display in case of a login failure.

    6. Declare the type of authentication as FORM and specify the login form and error page in the web.xml.

    7. Define roles and users, and create the mapping between them.

    8. Make entries in web.xml so that this security constraint is applied to any request that comes to the application, including requests to the servlet RestrictedServlet.

    9. Map roles to security constraints.

    10. Test login success and login failure scenarios.

    11. See the actual requests and responses between client and server using a protocol analyzer such as tcpmon or Wireshark.

  2. FORM Based Authentication - With Container Template

    1. Create a Dynamic Web Project with a web.xml file; name it ServletSecurity.

    2. Create a servlet RestrictedServlet with URL pattern “/RestrictedServlet” that prints “Restricted Servlet” to the client.

    3. Create a form in a JSP/HTML file for authenticating users with FORM based authentication, using the default template provided by the container.

    4. Create a JSP/HTML file to display in case of a login failure.

    5. Declare the type of authentication as FORM and specify the login form and error page in the web.xml.

    6. Define roles and users, and create the mapping between them.

    7. Make entries in web.xml so that this security constraint is applied to any request that comes to the application, including requests to the servlet RestrictedServlet.

    8. Map roles to security constraints.

    9. Test login success and login failure scenarios.

    10. See the actual requests and responses between client and server using a protocol analyzer such as tcpmon or Wireshark.
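
As a reference for steps 5 to 8 of the second exercise, here is a web.xml that declares FORM authentication and a constraint over the whole application. It is an added example, not part of the original exercise set. The file names login.jsp and loginError.jsp and the role name "user" are assumptions; users and their role assignments are defined in the container's own realm configuration, which differs per container.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="3.0">

  <!-- Steps 7 and 8: constrain every request to the application,
       which includes /RestrictedServlet, to callers in one role. -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Whole application</web-resource-name>
      <url-pattern>/*</url-pattern>
      <!-- No http-method elements: the constraint covers all methods. -->
    </web-resource-collection>
    <auth-constraint>
      <role-name>user</role-name> <!-- assumed role name -->
    </auth-constraint>
    <!-- The capture in step 10 shows the credentials in clear text in
         the POST body over plain HTTP. Outside the exercise, enable
         this element so the container redirects to HTTPS. -->
    <!--
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
    -->
  </security-constraint>

  <!-- Step 5: FORM authentication with login and error pages.
       With the container template, the form in login.jsp must POST
       to action "j_security_check" with fields named "j_username"
       and "j_password"; the container handles that request itself. -->
  <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>/login.jsp</form-login-page>       <!-- assumed file name -->
      <form-error-page>/loginError.jsp</form-error-page>  <!-- assumed file name -->
    </form-login-config>
  </login-config>

  <!-- Step 6: every role used in an auth-constraint is declared here.
       The users that hold the role live in the container's realm. -->
  <security-role>
    <role-name>user</role-name>
  </security-role>

</web-app>
```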
