java - General questions about JavaEE security and JDBC realm authentication with WildFly 8.2 -
i'm studying chapters 47...50 of javaee 7 tutorial security, authentication, realms... server managed authentication totally new me, please patient.
i created own jdbc realm (using wildfly 8.2) described @ paragraph 50.3 , of this beautiful article.
i have general questions, hope can help:
once user authenticated, need way retrieve identity within application. in 48.3.2 (checking caller identity programmatically)
getremoteuser()
method presented, paragraph saysthe security api described in section should used in less frequent situations in web component methods need access security context information.
what mean? mean using methods kind of bad practice? there other way retrieve current user data i'm missing?
what if perform operations when user successful logs in? there method triggered "user logged in" event?
jdbc realm authentication implies user credentials read , checked server, application doesn't know coordinates auth-reserved db. "new user sign up", have implement classic solution via application (accessing auth db, check if chosen username present, inert row in table...) or there server-implemented mechanism ignore?