Raj S wrote:
>
> Hi,
> I am making an address book application.I have some design issues which I
> have not been able to resolve.
> In this application a user would be able to view his personal address
> book,add addresses and modify or delete them.
> I am using JSP's and at the backened LDAP server.
> I have a list of questions regarding all this.
>
> Do I need to make EJB's in this application to create,retrive or modify
> addresses?
I'm just starting to understand EJB, so I don't know if that's better or
not comparing to JSP/Servlets. If you don't bother with it, keep
reading.
> Can I directly do it through JSP itself.
1. Simple answer: No.
2. Longer one: JSP is very often misused. That happens because people
don't want to write servlets and helper classes as JSP in fact also
becomes servlet. That's true, but it should help people deploying it in
servlet containers, so they don't have to install another software which
could degrade server performance. The key to create yet another
specification based on already known servlet one is that you can
*extend* your desing and stop messing HTML with Java pieces. When you
think about HTML developer who sees Java code and HTML code together,
what do you see ? I'm pretty sure that in most cases that guy won't work
on that project as it shows up as *very bad* design. Once you begin
create HTML pages with Java, you will have to hire not only HTML guru,
but HTML+Java guru which is not easy. Even though HTML is not high level
technology (as EJB) and it's easy to learn, I think to create beatiful
and useful pages you should be an artist. These with cooperation with
Java guru (i.e. JSP/Servlet guru) can merge their power and become
productive team. If each side - HTML and Java are separated, that's
fine, because people can work separately. It's important to create a
team where all parts work together in their own area of knowledge.
So, JSP and servlets can become very productive once you start using it
where they fit in.
> If I can then how do I ensure user authentication?
On each JSP page, put new tag: <my:authentication required="true" />.
The tag would check whether a user is logged in or not and forward (not
redirect !) flow to a "login" component, e.g. LoginServlet. The servlet
then will ask about creditentials and put user's information into
session object. At the moment, the flow can go back to the requested
page with one exception: now a user is authenticated and its information
is in session.
Of course, there are several ways to deal with it. LoginServlet can send
HTTP Authentication Required response, so a browser will pop us
login/password window or you can create a form with <input>'s serving as
a place for a login and a password. Yet another way is to use servlet
container authentication and create appropriate entries in
WEB-INF/web.xml deployment descriptor. After that, if you ask for secure
resources, servlet container will ask you about required info. As you
can see, there are a few ways to use.
> Raj.
Jacek Laskowski
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
