Chapter 8: Authentication"

From Documentation
(Created page with "= Secure Your Application = == Session == == Authentication == === Logout ===")
 
Line 1: Line 1:
= Secure Your Application =
+
= Target Application =
 +
In this chapter, we will demonstrate how to implement authentication and protect your pages from illegal access. We will create a login page without sidebar as follows:
 +
 
 +
[[File:Tutorial-ch8-login.png | center | 600px]]
 +
 
 +
After login, we redirect users to index page with user name appeared at right side of the header.
 +
 
 +
[[File:Tutorial-ch8-index.png | center | 600px]]
 +
 
 +
 
 +
= Authentication =
  
 
== Session ==
 
== Session ==
  
== Authentication ==
+
== Logout ==
 +
 
 +
 
  
=== Logout ===
+
= Secure Your Pages =
 +
Security is an important issue that every developer must consider for a web application since users can enter any URL in a browser to access any resource. Even though you have created a login page for authentication, but a user can bypass the login page and access the index page after login if he knows the page's URL. Therefore, we should apply a mechanism to protect zul pages from illegal access. ZK allows you to [[ZK Developer%27s Reference/UI Patterns/Page Initialization| initialize a zul page]] by implement a <javadoc>org.zkoss.zk.ui.util.Initiator</javadoc>. When we apply an <tt>Initiator</tt> to a zul, ZK will use it to perform initialization before creating components upon a zul. We can create a initiator to check user's

Revision as of 03:41, 30 January 2013

Target Application

In this chapter, we will demonstrate how to implement authentication and protect your pages from illegal access. We will create a login page without sidebar as follows:

Tutorial-ch8-login.png

After login, we redirect users to index page with user name appeared at right side of the header.

Tutorial-ch8-index.png


Authentication

Session

Logout

Secure Your Pages

Security is an important issue that every developer must consider for a web application since users can enter any URL in a browser to access any resource. Even though you have created a login page for authentication, but a user can bypass the login page and access the index page after login if he knows the page's URL. Therefore, we should apply a mechanism to protect zul pages from illegal access. ZK allows you to initialize a zul page by implement a Initiator. When we apply an Initiator to a zul, ZK will use it to perform initialization before creating components upon a zul. We can create a initiator to check user's