Chapter 8. Developing Protected Portions of AuctionStation
In This Chapter
What You Are Going To Do
Using Tomcat's HTTP Authentication
Performing Custom Form-based Authorization
Performing Custom Authorization
Summary
So far, you have developed the auction items catalog module, which can be viewed by any user, even an unregistered one. The users can browse items and categories without having to log on to the system, but when they want to bid or sell items on AuctionStation, they have to authenticate themselves.
Authentication helps prevent misuse in situations when a user makes spurious bids, posts illegal item listings, or takes other actions that infringe your site usage policies. After authentication, all "protected" actions—such as bid or sell ...
Get Java Server Pages from scratch now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.