{"id":13096,"date":"2013-05-22T19:00:32","date_gmt":"2013-05-22T16:00:32","guid":{"rendered":"http:\/\/www.javacodegeeks.com\/?p=13096"},"modified":"2013-05-22T08:21:58","modified_gmt":"2013-05-22T05:21:58","slug":"secure-web-application-in-java-ee6-using-ldap","status":"publish","type":"post","link":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html","title":{"rendered":"Secure Web Application in Java EE6 using LDAP"},"content":{"rendered":"<p>In our previous article we have explained on how to protect the data while it is in transit through <a href=\"http:\/\/idiotechie.com\/understanding-transport-layer-security-secure-socket-layer\/\">Transport Layer Security (TLS)\/Secured Socket Layer (SSL)<\/a>. Now let us try to understand how to apply security mechanism for a JEE 6 based web application using LDAP server for authentication.<\/p>\n<h2>Objective:<\/h2>\n<p>\u2022\u00a0\u00a0 \u00a0Configure a LDAP realm in the JEE Application Server<br \/>\n\u2022\u00a0\u00a0 \u00a0Apply JEE security to a sample web application.<br \/>\n&nbsp;<br \/>\n&nbsp;<\/p>\n<h2>Products used:<\/h2>\n<ul>\n<li>IDE: Netbeans 7.2<\/li>\n<li>Java Development Kit (JDK): Version 6<\/li>\n<li>Glassfish server: 3.1<\/li>\n<li>Authentication Mechanism: Form Based authentication<\/li>\n<li>Authentication server: LDAP OpenDS v2.2<\/li>\n<\/ul>\n<h2>Apply JEE security to the sample web application:<\/h2>\n<p>The JEE web applications can be secured either through Declarative security or Programmatic security.<\/p>\n<p><strong>Declarative security<\/strong> can be implemented in JEE applications by using annotations or through deployment descriptor. This type of security mechanism is used when the roles and authentication process is simple, when it can make use of existing security providers (even external like LDAP, Kerberos).<\/p>\n<p><strong> Programmatic security<\/strong> provides additional security mechanism when declarative security is not sufficient for the application in context. It is used when we require custom made security and when rich set of roles, authentication is required.<\/p>\n<h2>Configure Realm in the Glassfish Application Server<\/h2>\n<p>Before we configure a realm in the Glassfish Application server you will need to install and configure an LDAP server which we will be using for our project. You can get the complete instructions in the following article: \u201c<a title=\"How to install and configure LDAP server\" href=\"http:\/\/idiotechie.com\/how-to-install-and-configure-ldap-server\/\">How to install and configure LDAP server<\/a>\u201d.<br \/>\nOnce the installation is successful start your Glassfish server and go to the admin console. Create a new LDAP Realm.<br \/>\n<figure id=\"attachment_13130\" aria-describedby=\"caption-attachment-13130\" style=\"width: 300px\" class=\"wp-caption aligncenter\"><a href=\"http:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/Create-new-LDAP-Realm.jpg\"><img decoding=\"async\" src=\"http:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/Create-new-LDAP-Realm-300x146.jpg\" alt=\"Create new LDAP Realm\" width=\"300\" height=\"146\" class=\"size-medium wp-image-13130\" srcset=\"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/Create-new-LDAP-Realm-300x146.jpg 300w, https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/Create-new-LDAP-Realm-1024x500.jpg 1024w, https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/Create-new-LDAP-Realm.jpg 1361w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><figcaption id=\"caption-attachment-13130\" class=\"wp-caption-text\">Create new LDAP Realm<\/figcaption><\/figure><\/p>\n<p>Add the configuration settings as per the configurations set up done for the LDAP server.<br \/>\n<figure id=\"attachment_13131\" aria-describedby=\"caption-attachment-13131\" style=\"width: 300px\" class=\"wp-caption aligncenter\"><a href=\"http:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/Glassfish_Web_App_Realm-wm.jpg\"><img decoding=\"async\" src=\"http:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/Glassfish_Web_App_Realm-wm-300x147.jpg\" alt=\"Glassfish Web App LDAP Realm\" width=\"300\" height=\"147\" class=\"size-medium wp-image-13131\" srcset=\"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/Glassfish_Web_App_Realm-wm-300x147.jpg 300w, https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/Glassfish_Web_App_Realm-wm-1024x501.jpg 1024w, https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/Glassfish_Web_App_Realm-wm.jpg 1361w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><figcaption id=\"caption-attachment-13131\" class=\"wp-caption-text\">Glassfish Web App LDAP Realm<\/figcaption><\/figure><\/p>\n<p>JAAS Context \u2013 identifier which will be used in the application module to connect with the LDAP server. (e.g. ldapRealm)<br \/>\nDirectory \u2013 LDAP server URL path (e.g. ldap:\/\/localhost:389)<br \/>\nBase DN: Distinguished name in the LDAP directory identifying the location of the user data.<br \/>\nApplying JEE security to the web application<br \/>\nCreate a sample web application as per the following structure:<br \/>\n<figure id=\"attachment_13132\" aria-describedby=\"caption-attachment-13132\" style=\"width: 278px\" class=\"wp-caption aligncenter\"><a href=\"http:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/SampleWebApp_Directory.jpg\"><img decoding=\"async\" src=\"http:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/SampleWebApp_Directory-278x300.jpg\" alt=\"SampleWebApp Directory\" width=\"278\" height=\"300\" class=\"size-medium wp-image-13132\" srcset=\"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/SampleWebApp_Directory-278x300.jpg 278w, https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/SampleWebApp_Directory.jpg 297w\" sizes=\"(max-width: 278px) 100vw, 278px\" \/><\/a><figcaption id=\"caption-attachment-13132\" class=\"wp-caption-text\">SampleWebApp Directory<\/figcaption><\/figure><div style=\"display:inline-block; margin: 15px 0;\"> <div id=\"adngin-JavaCodeGeeks_incontent_video-0\" style=\"display:inline-block;\"><\/div> <\/div><\/p>\n<p>Form based authentication mechanism will be used for authentication of the users.<br \/>\n<figure id=\"attachment_13133\" aria-describedby=\"caption-attachment-13133\" style=\"width: 300px\" class=\"wp-caption aligncenter\"><a href=\"http:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/JEE-Login-and-Authentication-wm.jpg\"><img decoding=\"async\" src=\"http:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/JEE-Login-and-Authentication-wm-300x179.jpg\" alt=\"JEE Login and Authentication\" width=\"300\" height=\"179\" class=\"size-medium wp-image-13133\" srcset=\"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/JEE-Login-and-Authentication-wm-300x179.jpg 300w, https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/JEE-Login-and-Authentication-wm.jpg 938w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><figcaption id=\"caption-attachment-13133\" class=\"wp-caption-text\">JEE Login and Authentication<\/figcaption><\/figure><br \/>\nLet us explain the whole process with help of above diagram and the code.<\/p>\n<p>Set up a sample web application in Netbeans IDE.<br \/>\n<figure id=\"attachment_13134\" aria-describedby=\"caption-attachment-13134\" style=\"width: 300px\" class=\"wp-caption aligncenter\"><a href=\"http:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/SampleWebApp.jpg\"><img decoding=\"async\" src=\"http:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/SampleWebApp-300x206.jpg\" alt=\"SampleWebApp in Netbeans IDE\" width=\"300\" height=\"206\" class=\"size-medium wp-image-13134\" srcset=\"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/SampleWebApp-300x206.jpg 300w, https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/SampleWebApp.jpg 738w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><figcaption id=\"caption-attachment-13134\" class=\"wp-caption-text\">SampleWebApp in Netbeans IDE<\/figcaption><\/figure><\/p>\n<p><figure id=\"attachment_13135\" aria-describedby=\"caption-attachment-13135\" style=\"width: 300px\" class=\"wp-caption aligncenter\"><a href=\"http:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/WebApp_Configuration-wm.jpg\"><img decoding=\"async\" src=\"http:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/WebApp_Configuration-wm-300x206.jpg\" alt=\"SampleWebApp Configuration\" width=\"300\" height=\"206\" class=\"size-medium wp-image-13135\" srcset=\"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/WebApp_Configuration-wm-300x206.jpg 300w, https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2013\/05\/WebApp_Configuration-wm.jpg 738w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><figcaption id=\"caption-attachment-13135\" class=\"wp-caption-text\">SampleWebApp Configuration<\/figcaption><\/figure><\/p>\n<h4>Step 1:<\/h4>\n<p>As explained in the above diagram a client browser tries to request for a protected resource from the website <a href=\"http:\/\/idiotechie.com\">http:\/\/{samplewebsite.com}\/{contextroot}\/index.jsp<\/a>. The webserver goes into the web configuration file and figures out that the requested resource is protected.<\/p>\n<p><em>web.xml<\/em><\/p>\n<pre class=\" brush:xml\">&lt;security-constraint&gt;\r\n        &lt;display-name&gt;SecurityConstraint&lt;\/display-name&gt;\r\n        &lt;web-resource-collection&gt;\r\n            &lt;web-resource-name&gt;Secured resources&lt;\/web-resource-name&gt;\r\n            &lt;url-pattern&gt;\/*&lt;\/url-pattern&gt;\r\n        &lt;\/web-resource-collection&gt;\r\n        &lt;auth-constraint&gt;\r\n            &lt;role-name&gt;GeneralUser&lt;\/role-name&gt;\r\n            &lt;role-name&gt;Administrator&lt;\/role-name&gt;\r\n        &lt;\/auth-constraint&gt;\r\n        &lt;user-data-constraint&gt;\r\n            &lt;transport-guarantee&gt;NONE&lt;\/transport-guarantee&gt;\r\n        &lt;\/user-data-constraint&gt;\r\n&lt;\/security-constraint&gt;<\/pre>\n<h4>Step 2:<\/h4>\n<p>The webserver presents the Login.jsp as a part of the Form based authentication mechanism to the client. These configurations are checked from the web configuration file.<\/p>\n<p><em>web.xml<\/em><\/p>\n<pre class=\" brush:xml\">&lt;login-config&gt;\r\n        &lt;auth-method&gt;FORM&lt;\/auth-method&gt;\r\n        &lt;realm-name&gt;ldapRealm&lt;\/realm-name&gt;\r\n        &lt;form-login-config&gt;\r\n            &lt;form-login-page&gt;\/Login.jsp&lt;\/form-login-page&gt;\r\n            &lt;form-error-page&gt;\/LoginError.jsp&lt;\/form-error-page&gt;\r\n        &lt;\/form-login-config&gt;\r\n&lt;\/login-config&gt;<\/pre>\n<h4>Step 3:<\/h4>\n<p>The client submits the login form to the web server. When the servers finds that the form action is \u201cj_security_check\u201d it processes the request to authenticate the client\u2019s credential. The jsp form must contain the login elements j_username and j_password which will allow the web server to invoke the login authentication mechanism.<\/p>\n<p><em>Login.jsp<\/em><\/p>\n<pre class=\" brush:java\">&lt;form action=\"j_security_check\" method=post&gt;\r\n            &lt;p&gt;username: &lt;input type=\"text\" name=\"j_username\"&gt;&lt;\/p&gt;\r\n            &lt;p&gt;password: &lt;input type=\"password\" name=\"j_password\"&gt;&lt;\/p&gt;\r\n            &lt;input type=\"submit\" value=\"submit\"&gt;\r\n            &lt;input type=\"reset\" value=\"Reset\"&gt; \r\n&lt;\/form&gt;<\/pre>\n<p>While processing the request the webserver will send the authentication request to the LDAP server since LDAP realm is used in the login-config. The LDAP server will authenticate the user based on the username and password stored in the LDAP repository.<\/p>\n<h4>Step 4:<\/h4>\n<p>If the authentication is successful the secured resource (in this case index.jsp) is returned to the client and the container uses a session id to identify a login session for the client. The container maintains the login session with a cookie containing the session-id. The server sends this cookie back to the client, and as long as the client is able to show this cookie for subsequent requests, then the container easily recognize the client and hence maintains the session for this client.<\/p>\n<h4>Step 5:<\/h4>\n<p>Only if the authentication is unsuccessful the user will be redirected to the LoginError.jsp as per the configuration in the web.xml.<\/p>\n<pre class=\" brush:xml\">&lt;form-error-page&gt;\/LoginError.jsp&lt;\/form-error-page&gt;<\/pre>\n<p>This shows how to apply form based security authentication to a sample web application. Now let us get a brief look on the secured resource which is used for this project. In this project the secured resource is index.jsp which accepts a username and forwards the request to LoginServlet. Login servlet dispatches the request to Success.jsp which then prints the username to the client.<\/p>\n<p><em>\u00a0index.jsp<\/em><\/p>\n<pre class=\" brush:html\">&lt;body&gt;\r\n        &lt;h2&gt;Please type your name&lt;\/h2&gt;\r\n        &lt;form method=\"POST\" action=\"LoginServlet\"&gt;\r\n            &lt;input type=\"text\" name=\"username\" size=\"25\"&gt;\r\n            &lt;p&gt;&lt;\/p&gt;\r\n            &lt;input type=\"submit\" value=\"Submit\"&gt;\r\n            &lt;input type=\"reset\" value=\"Reset\"&gt;\r\n        &lt;\/form&gt;\r\n &lt;\/body&gt;<\/pre>\n<p><em>LoginServlet.java<\/em><\/p>\n<pre class=\" brush:java\">protected void processRequest(HttpServletRequest request, HttpServletResponse response)\r\n            throws ServletException, IOException {\r\n        response.setContentType(\"text\/html;charset=UTF-8\");\r\n        PrintWriter out = response.getWriter();\r\n        try {\r\n            RequestDispatcher requestDispatcher = getServletConfig().getServletContext().\r\n                    getRequestDispatcher(\"\/Success.jsp\");\r\n            requestDispatcher.forward(request, response);\r\n        } finally {\r\n            out.close();\r\n        }\r\n    }<\/pre>\n<p><em>Success.jsp<\/em><\/p>\n<pre class=\" brush:html\">&lt;body&gt;\r\n        &lt;h1&gt;You have been successfully logged in as ${param.username}&lt;\/h1&gt;\r\n&lt;\/body&gt;<\/pre>\n<p><em>Web.xml<\/em><\/p>\n<pre class=\" brush:xml\">&lt;servlet&gt;\r\n        &lt;servlet-name&gt;LoginServlet&lt;\/servlet-name&gt;\r\n        &lt;servlet-class&gt;com.login.LoginServlet&lt;\/servlet-class&gt;\r\n    &lt;\/servlet&gt;\r\n    &lt;servlet-mapping&gt;\r\n        &lt;servlet-name&gt;LoginServlet&lt;\/servlet-name&gt;\r\n        &lt;url-pattern&gt;\/LoginServlet&lt;\/url-pattern&gt;\r\n &lt;\/servlet-mapping&gt;<\/pre>\n<p>You can download the complete working code from the below link:<\/p>\n<ul>\n<li><strong><a href=\"http:\/\/idiotechie.com\/wp-content\/uploads\/2013\/05\/SampleWebApp-idiotechie.zip\">SampleWebApp-Code Download<\/a><\/strong><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<div style=\"border: 1px solid #D8D8D8; background: #FAFAFA; width: 100%; padding-left: 5px;\"><b><i>Reference: <\/i><\/b><a href=\"http:\/\/idiotechie.com\/secure-web-application-in-java-ee6-using-ldap\/\">Secure Web Application in Java EE6 using LDAP<\/a> from our <a href=\"http:\/\/www.javacodegeeks.com\/jcg\">JCG partner<\/a> Mainak Goswami at the <a href=\"http:\/\/idiotechie.com\/\">Idiotechie<\/a> blog.<\/div>\n","protected":false},"excerpt":{"rendered":"<p>In our previous article we have explained on how to protect the data while it is in transit through Transport Layer Security (TLS)\/Secured Socket Layer (SSL). Now let us try to understand how to apply security mechanism for a JEE 6 based web application using LDAP server for authentication. Objective: \u2022\u00a0\u00a0 \u00a0Configure a LDAP realm &hellip;<\/p>\n","protected":false},"author":248,"featured_media":112,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[289,378],"class_list":["post-13096","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-enterprise-java","tag-java-ee6","tag-ldap"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Secure Web Application in Java EE6 using LDAP<\/title>\n<meta name=\"description\" content=\"In our previous article we have explained on how to protect the data while it is in transit through Transport Layer Security (TLS)\/Secured Socket Layer\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Secure Web Application in Java EE6 using LDAP\" \/>\n<meta property=\"og:description\" content=\"In our previous article we have explained on how to protect the data while it is in transit through Transport Layer Security (TLS)\/Secured Socket Layer\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html\" \/>\n<meta property=\"og:site_name\" content=\"Java Code Geeks\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/javacodegeeks\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/mainakidiotechie\" \/>\n<meta property=\"article:published_time\" content=\"2013-05-22T16:00:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2012\/10\/enterprise-java-logo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"150\" \/>\n\t<meta property=\"og:image:height\" content=\"150\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Mainak Goswami\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@http:\/\/twitter.com\/idiotechie_\" \/>\n<meta name=\"twitter:site\" content=\"@javacodegeeks\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Mainak Goswami\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html\"},\"author\":{\"name\":\"Mainak Goswami\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#\\\/schema\\\/person\\\/b7b3e7a3fe5bf87028577702c8ae4dcf\"},\"headline\":\"Secure Web Application in Java EE6 using LDAP\",\"datePublished\":\"2013-05-22T16:00:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html\"},\"wordCount\":837,\"commentCount\":1,\"publisher\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.javacodegeeks.com\\\/wp-content\\\/uploads\\\/2012\\\/10\\\/enterprise-java-logo.jpg\",\"keywords\":[\"Java EE6\",\"LDAP\"],\"articleSection\":[\"Enterprise Java\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html\",\"url\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html\",\"name\":\"Secure Web Application in Java EE6 using LDAP\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.javacodegeeks.com\\\/wp-content\\\/uploads\\\/2012\\\/10\\\/enterprise-java-logo.jpg\",\"datePublished\":\"2013-05-22T16:00:32+00:00\",\"description\":\"In our previous article we have explained on how to protect the data while it is in transit through Transport Layer Security (TLS)\\\/Secured Socket Layer\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html#primaryimage\",\"url\":\"https:\\\/\\\/www.javacodegeeks.com\\\/wp-content\\\/uploads\\\/2012\\\/10\\\/enterprise-java-logo.jpg\",\"contentUrl\":\"https:\\\/\\\/www.javacodegeeks.com\\\/wp-content\\\/uploads\\\/2012\\\/10\\\/enterprise-java-logo.jpg\",\"width\":150,\"height\":150,\"caption\":\"java-interview-questions-answers\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2013\\\/05\\\/secure-web-application-in-java-ee6-using-ldap.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.javacodegeeks.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Java\",\"item\":\"https:\\\/\\\/www.javacodegeeks.com\\\/category\\\/java\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Enterprise Java\",\"item\":\"https:\\\/\\\/www.javacodegeeks.com\\\/category\\\/java\\\/enterprise-java\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Secure Web Application in Java EE6 using LDAP\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#website\",\"url\":\"https:\\\/\\\/www.javacodegeeks.com\\\/\",\"name\":\"Java Code Geeks\",\"description\":\"Java Developers Resource Center\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#organization\"},\"alternateName\":\"JCG\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.javacodegeeks.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#organization\",\"name\":\"Exelixis Media P.C.\",\"url\":\"https:\\\/\\\/www.javacodegeeks.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.javacodegeeks.com\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/exelixis-logo.png\",\"contentUrl\":\"https:\\\/\\\/www.javacodegeeks.com\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/exelixis-logo.png\",\"width\":864,\"height\":246,\"caption\":\"Exelixis Media P.C.\"},\"image\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/javacodegeeks\",\"https:\\\/\\\/x.com\\\/javacodegeeks\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#\\\/schema\\\/person\\\/b7b3e7a3fe5bf87028577702c8ae4dcf\",\"name\":\"Mainak Goswami\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d4a5454a862826ae8ab0beef1da70804439f242bd71c6dfbb935639f669b9a4d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d4a5454a862826ae8ab0beef1da70804439f242bd71c6dfbb935639f669b9a4d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d4a5454a862826ae8ab0beef1da70804439f242bd71c6dfbb935639f669b9a4d?s=96&d=mm&r=g\",\"caption\":\"Mainak Goswami\"},\"description\":\"Mainak Goswami is an experienced Technology Consultant specializing in JEE, Web Development and Open source technologies. He is currently based out of United Kingdom. He is a technology enthusiast trying to explore the latest in the world of technology. His current area of interest is Mobility, NoSQL and Cloud computing. In past time he loves blogging on his website Idiotechie.\",\"sameAs\":[\"http:\\\/\\\/idiotechie.com\\\/\",\"https:\\\/\\\/www.facebook.com\\\/mainakidiotechie\",\"http:\\\/\\\/www.linkedin.com\\\/pub\\\/mainak-goswami\\\/9\\\/313\\\/a19\",\"https:\\\/\\\/x.com\\\/http:\\\/\\\/twitter.com\\\/idiotechie_\"],\"url\":\"https:\\\/\\\/www.javacodegeeks.com\\\/author\\\/Mainak-Goswami\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Secure Web Application in Java EE6 using LDAP","description":"In our previous article we have explained on how to protect the data while it is in transit through Transport Layer Security (TLS)\/Secured Socket Layer","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html","og_locale":"en_US","og_type":"article","og_title":"Secure Web Application in Java EE6 using LDAP","og_description":"In our previous article we have explained on how to protect the data while it is in transit through Transport Layer Security (TLS)\/Secured Socket Layer","og_url":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html","og_site_name":"Java Code Geeks","article_publisher":"https:\/\/www.facebook.com\/javacodegeeks","article_author":"https:\/\/www.facebook.com\/mainakidiotechie","article_published_time":"2013-05-22T16:00:32+00:00","og_image":[{"width":150,"height":150,"url":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2012\/10\/enterprise-java-logo.jpg","type":"image\/jpeg"}],"author":"Mainak Goswami","twitter_card":"summary_large_image","twitter_creator":"@http:\/\/twitter.com\/idiotechie_","twitter_site":"@javacodegeeks","twitter_misc":{"Written by":"Mainak Goswami","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html#article","isPartOf":{"@id":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html"},"author":{"name":"Mainak Goswami","@id":"https:\/\/www.javacodegeeks.com\/#\/schema\/person\/b7b3e7a3fe5bf87028577702c8ae4dcf"},"headline":"Secure Web Application in Java EE6 using LDAP","datePublished":"2013-05-22T16:00:32+00:00","mainEntityOfPage":{"@id":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html"},"wordCount":837,"commentCount":1,"publisher":{"@id":"https:\/\/www.javacodegeeks.com\/#organization"},"image":{"@id":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html#primaryimage"},"thumbnailUrl":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2012\/10\/enterprise-java-logo.jpg","keywords":["Java EE6","LDAP"],"articleSection":["Enterprise Java"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html","url":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html","name":"Secure Web Application in Java EE6 using LDAP","isPartOf":{"@id":"https:\/\/www.javacodegeeks.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html#primaryimage"},"image":{"@id":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html#primaryimage"},"thumbnailUrl":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2012\/10\/enterprise-java-logo.jpg","datePublished":"2013-05-22T16:00:32+00:00","description":"In our previous article we have explained on how to protect the data while it is in transit through Transport Layer Security (TLS)\/Secured Socket Layer","breadcrumb":{"@id":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html#primaryimage","url":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2012\/10\/enterprise-java-logo.jpg","contentUrl":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2012\/10\/enterprise-java-logo.jpg","width":150,"height":150,"caption":"java-interview-questions-answers"},{"@type":"BreadcrumbList","@id":"https:\/\/www.javacodegeeks.com\/2013\/05\/secure-web-application-in-java-ee6-using-ldap.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.javacodegeeks.com\/"},{"@type":"ListItem","position":2,"name":"Java","item":"https:\/\/www.javacodegeeks.com\/category\/java"},{"@type":"ListItem","position":3,"name":"Enterprise Java","item":"https:\/\/www.javacodegeeks.com\/category\/java\/enterprise-java"},{"@type":"ListItem","position":4,"name":"Secure Web Application in Java EE6 using LDAP"}]},{"@type":"WebSite","@id":"https:\/\/www.javacodegeeks.com\/#website","url":"https:\/\/www.javacodegeeks.com\/","name":"Java Code Geeks","description":"Java Developers Resource Center","publisher":{"@id":"https:\/\/www.javacodegeeks.com\/#organization"},"alternateName":"JCG","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.javacodegeeks.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.javacodegeeks.com\/#organization","name":"Exelixis Media P.C.","url":"https:\/\/www.javacodegeeks.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.javacodegeeks.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png","contentUrl":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png","width":864,"height":246,"caption":"Exelixis Media P.C."},"image":{"@id":"https:\/\/www.javacodegeeks.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/javacodegeeks","https:\/\/x.com\/javacodegeeks"]},{"@type":"Person","@id":"https:\/\/www.javacodegeeks.com\/#\/schema\/person\/b7b3e7a3fe5bf87028577702c8ae4dcf","name":"Mainak Goswami","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d4a5454a862826ae8ab0beef1da70804439f242bd71c6dfbb935639f669b9a4d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d4a5454a862826ae8ab0beef1da70804439f242bd71c6dfbb935639f669b9a4d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d4a5454a862826ae8ab0beef1da70804439f242bd71c6dfbb935639f669b9a4d?s=96&d=mm&r=g","caption":"Mainak Goswami"},"description":"Mainak Goswami is an experienced Technology Consultant specializing in JEE, Web Development and Open source technologies. He is currently based out of United Kingdom. He is a technology enthusiast trying to explore the latest in the world of technology. His current area of interest is Mobility, NoSQL and Cloud computing. In past time he loves blogging on his website Idiotechie.","sameAs":["http:\/\/idiotechie.com\/","https:\/\/www.facebook.com\/mainakidiotechie","http:\/\/www.linkedin.com\/pub\/mainak-goswami\/9\/313\/a19","https:\/\/x.com\/http:\/\/twitter.com\/idiotechie_"],"url":"https:\/\/www.javacodegeeks.com\/author\/Mainak-Goswami"}]}},"_links":{"self":[{"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/posts\/13096","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/users\/248"}],"replies":[{"embeddable":true,"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/comments?post=13096"}],"version-history":[{"count":0,"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/posts\/13096\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/media\/112"}],"wp:attachment":[{"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/media?parent=13096"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/categories?post=13096"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/tags?post=13096"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}