Release Notes

User Autentication

This sample release (if properly installed) knows about five users: alan, donar, pj2, radar, thorgal, all having the same password as their user name and all of them beig part of the same group -- drdcal. (Being part of the drdcal group allows simple rolemapping in the deployment descriptor.)

Amount of users is constant and there is no need to change it once the application is deployed, though it is possible.

You have to set J2EE server to know these users, this is an implementation specific task (on Sun J2EE 1.4 beta one can use the j2ee-admin web interface). While adding the user one should keep in mind:

  1. Add user to J2EE. Any user added should be in the drdcal group -- all such users will be mapped to drdcal role in the application. (As an alternative you can map users directly to drdcal role using the <principals> tag. This approach requires editting of the deployment descriptor.)
  2. Add user to web application. For some reasons (discussed in documentation in detail) application needs to know about all possible users that can connect to it. Because of authentication I use (portable, but simple), aplication has no opportunity to gather all the possible users defined in J2EE who are allowed to connect to it. Thus the application is managing its own list of users just for this purpose. Try to keep it as up to date as possible -- application depends on it.

Database

Uses MySQL database. Uses just SQL92, so it should be possible to rewrite the application to use any possible database.

Connection to database is set up and destroyed in ServletContextListener. Before autentication the connection is cheked, if something goes wrong, user is not allowed to login.

To make application more portable (school, home), there are several database uri's hardcoded in the source and at the startup (in ServletContextListener) the first successfull connection is used.

Database should be populated before first usage and first login. Use the appropriate link from main page.