Tuesday, February 19, 2013

JAAS between two EE applications with TomEE, WS-RS and Javascript

Attention: This is old stuff. New build instructions here

PhotoDB no longer contains user data. Now its users credentials are remotely managed by FaceID. PhotoDB binds itself to it via via ws-rs from loginscript.js, and the JAAS does the rest.

While JAX-RS 2.0 and its very handy Client API are not yet official, our JAAS needs to use a regular java.net.URL connection. This way we avoid to get tied to any proprietary library. The loginscript.js opens an http connection to the remote application and authenticates the provided user credentials against what FaceID have stored. The resulting output is either a csv string with a list of all the groups in which the user is part, or a "Bad user or password" exception.

The applications now share the same TomEE installation, but you don't need to worry about it. We have a new Makefile task: make up-war-restart. So, let's build it!

Clone the projects and open two terminal windows.



First run make clean-start && make tail for the PhotoDB in order to build the application and tail the catalina.out file.



You should be able to use the PhotoDB application with the user "michael" and password "test".
 Now run make up-war-restart for the FaceID.


You should see some action in the catalina.out file.



Open http://localhost:8080/faceid/ and http://localhost:8080/photodb/


The FaceID application has only one user. The user name is admin and its password is admin. The PhotoDB application has no user yet. So, let's create one.


The "Groups" field is a comma-separated value like "groupA, groupB, groupC". For now let's use "photo-user".


Now go to PhotoDB and login with your newly created user.



Side note: Did you notice how fast TomEE starts up two applications?
Join the fun with TomEE! http://tomee.apache.org/

PhotoDB: https://github.com/tveronezi/photodb
FaceID: https://github.com/tveronezi/faceid

[]s