Preview jTalk

black

Security, Administration, and Realms

Making the business case for jTalk.
The following preview outlines the key features and benefit analysis of jTalk, incorporating screenshots and example code snippets.

jTalk solves the following critical business problems experienced by all web application developers:


shim

Security enables your web application to have value. Whether it's content for sale or data you need to protect, your application will need a security mechanism to limit access. jTalk security ties into the client browser's built-in security apparatus enabling a familiar and trusted environment for your visitors to store passwords. Further, jTalk is 100% compatible with SSL enabling your security mechanism to be protected by the strongest encryption in the business.

jTalk security tags, simply placed in your business logic, can access any other jTalk tags to build dynamic security realms. By using jTalk database tags usernames and passwords can be unique for every visitor and tie into your customer repository database.

jTalk incorporates the necessary encoding algorithms including Base64 to ensure your applications can maintain platform independance.

Note how easy it is to build a security realm in jTalk, compared with the same task in traditional JSP syntax:


Typical JSP Syntax:
  <%
    String authorization = request.getHeader("Authorization");
    if (authorization != null) {
      String credentials = authorization.substring(6).trim();
      sun.misc.BASE64Decoder decoder = new sun.misc.BASE64Decoder();	
      String userpass = new String(decoder.decodeBuffer(credentials));
      int colon = userpass.indexOf(":");
      if (colon > 0) {
        String user = userpass.substring(0, colon);
        String pass = userpass.substring(colon + 1);
        if (user.equals("john") && pass.equals("password"))
          return;
      }
    }
    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    response.setHeader("WWW-Authenticate", "Basic realm=\"My Realm\"");
  %>
jTalk Syntax:
  <jtalk:authenticate>
    <jtalk:authenticateRealm>BASIC realm="My Realm"</jtalk:authenticateRealm> 
    <jtalk:authenticateUsername>john</jtalk:authenticateUsername>
    <jtalk:authenticatePassword>password</jtalk:authenticatePassword>
  </jtalk:authenticate> 

In the above example you can see that using traditional JSP syntax to protect your application requires parsing and decoding the client browser headers. While the jTalk method is simple and can even retrieve usernames and passwords from any of your databases.

Any Questions?


shim