Posted by yamsellem terribly early in the morning: April 18th, 2011
Authenticating users is an important part of an application. Limiting the access to resources with authorization too. Spring Security is a reference in web environment. However, it is tied to the Spring technology and the size of the library — more than 10 JAR of dependencies — may restrain its use. Moreover, its lack of integration with Guice or the recurrent deployment of an App Engine application may exclude it. This is the opportunity to take a closer look at Apache Shiro.
- Introduction to HTTP Authentication
- Shiro servlet filter
- Secure a resource
- Test integration
- Realm and Matcher for the authentication
- A powerful permission model
- Authorize with annotations
- Shiro, a true challenger
Posted by yamsellem in the early morning: March 17th, 2011
As an ubiquitous exchange format, XML is well implemented in java. But those implementations hide how they perform the data binding from a XML structure to an object graph. It leaves us helpless in front of an application giving XML as a plain old string. Because low level API (DOM, XPath) — focused on document structure — are tedious, major JAX-RS implementation (Jersey, CXF) have chosen the same high level API — focused on data —: JAXB. Let’s do the same.