loop through the record set in a stored procedure using cursor.

Postado por doska sexta-feira, 11 de dezembro de 2009 0 comentários
Create loop through the recordset in stored procedure can be confusing for some people, searching the internet I saw that there are many example where using a rowcount and a increment variable through the records a table. Something like this:










But from the 2005 version of sql server you can cycle through the values of the recordset using a FETCH NEXT FROM MyCursor INTO @ col. That controls the cursor query. In this example I show below an example of a stored procedure that performs a query in a table of customers and returns the fields id and age of customers, and then makes a loop through the recordset and the value of the variable age checks if the client has more than 60 years. If the client has more than 60 years, the stored procedure adds a record in table bonus passing the customer id.






How use Enums with Wicket DropDownChoice

Postado por doska quinta-feira, 3 de dezembro de 2009 0 comentários
How use Enums with Wicket DropDownChoice

Typically dropdownChoise wicket is used with objects entities, VO, DTO. Below a simple code on how to make a dropdownChoise with Enum.



Class Enum

-----------------------------------
Creating drop down enum

-------------------------------------------------
HTML

MSN Protocol Operation

Postado por doska quinta-feira, 15 de outubro de 2009 Marcadores: 0 comentários

Two years ago I was studying about RIA and in order to test new technologies that were emerging as dwr ajax,dojo and prototype to construction of interfaces I decided to build a prototype of an application. I built a prototype of application of Remote Desktop and File Transfer service. And to make the communication between the web application and local application, I have developed a communication protocol that is transported into the communication protocol from the MSN. I found a api called Java MSN Messenger. This api allows to connect easily from the MSN network. I made a video of the application and i presented this video in my university when I studied, I thought it was cool to the application interface.





Developing this prototype I learned how to work the msn protocol.

MSN Protocol Operation

The MSN protocol is a protocol that implements the IM technology and was developed by Microsoft to serve as a communication protocol for its IM tool called MSN Messenger. The MSN protocol was based on RFC 2778. RFC 2778 defines an abstract model of an IM system, the various entities involved, defines terminology and outline what services will be offered by the system.


A MSN Messenger session involves a connection to a Notification Server (NS), which is a notification to the server to connect to the "switchboard servers (SBS) that provides the IM service.

Notification Server (NS)

Notification Server notifications are made to the server via MSN Messenger session. The main purpose of NS is to notify the information present in the meeting and their contacts and request a session to the switchboard. The Notification Server also has other services such as notification of new e-mail received from a Hotmail account (www.hotmail.com).


To request a session to the switchboard, the customer must send an XFR command with two parameters, the first with TrID (Transaction IDs) and the second command is a command SB.XFR the MSN Messenger protocol that makes some kind of notification to the server requesting a switchboard session. With this command sent, the server will respond to the command with another command XFR with the instructions to authenticate to the switchboard.




The first parameter of the response "SB" means you are starting a session on the switchboard. The second parameter of the response indicates the IP address and port of the server, 1863 is the default port Switchboard Server. The third parameter specifies the response type of authentication, which will always be CKI. The fourth parameter of the response "17262740.1050826919.32308" is an id of authentication which the client will need to submit when he sent his ID to the switchboard.
Switchboard (SB)


The switchboard is a manager of the sessions, that is, each person in chat corresponds to a shared connection in a switchboard session. That is, when two people are in conversation directly, the switchboard that manages the state of that conversation acts as a proxy.


Once connected to the switchboard, the customer must send a USR command with three parameters: the first is the TrID, the second the e-mail that is connected, and the third session Id. The USR command is used to connect to the switchboard. If he succeeds in sending the command, the server will send back an USR command with the same TrID, the OK command in the first parameter and your e-mail in the second parameter and the name of User in the third parameter.

One example of authentication messages







MSN Messenger Protocol


The MSN Messenger Protocol consists of a series of commands sent between the client and server. For example, when some contact is inactive in the list of contacts for a customer is sent a notification message from the server to the client with this information. The MSN Messenger protocol went through several revisions in recent years. The most current version at the present time is the version MSNP12.
MSN Client Protocol consists of messages sent between clients. These messages can be, for example, a message with the text "Hi, you alright?"

Wicket integration with ExtJS

Postado por doska quarta-feira, 14 de outubro de 2009 Marcadores: 0 comentários

I'm a ExtJS api fan to develop layout. I am developing a wicket project and would like to use a gridview developed in extjs in my project. I tried some api wicket integration with extjs. I found this api http://code.google.com/p/wicket-ext/. api is in development and it hasn't integration with all features of ExtJS, but currently the API is already integrates with some famous ExtJS components, such as GridView. Below is an example of how to write a simple GridView with the component.

#Java
- WebPage Class -------------------------------------------------------




- Bean Class ------------------------------------------------------------


# html



# result

Iniciando os estudos para SCEA 5

Postado por doska sexta-feira, 9 de outubro de 2009 Marcadores: 0 comentários
Após eu passar na prova de SCBCD 5, fiquei um pouco perdido em relação aos meus próximos passos em relação as certificações, eu deveria investir no meus estudos para tirar SCEA 5 ou deveria dá um tempo em JAVA e começar a estudar para certificações de outras linguagens,como a certificação .net. Ou até mesmo para de estudar para certificações e estudar um outras linguagens tipo RUBY ou FLEX. Mas pensando bem, decidir continuar minha saga dentro das certificações JAVA e vou estudar para a tão sonha certificação SCEA 5. Acho essa certificação importante porque nos força a estudar diferentes aspectos da arquitetura de softwares, como SOA, WS, Design Patterns, balanceamento de cargas,... e acho que muito do que se estudar para essa prova é aplicado para qualquer projeto de software web.

Pesquisando na internet sobre materiais de estudo para SCEA 5, achei esse conjuto de links, organizado por assunto que aparecem na prova em blog e decidir post aqui no meu blog também. Espero que possa ser útil para alguém.

SCEA 5 Get Started

Sun Certified Enterprise Architect for the Java Platform, Enterprise Edition 5 (Step 1 of 3) (CX-310-052) Description
from sun.com
Upgrade Exam: Sun Certified Enterprise Architect for the Java Platform, Enterprise Edition 5 (CX-310-053)
from sun.com
SCEA 5 Study Google Group
from groups.google.co.in
SCEA 5 Study Guide
by Mikalai Zaikin
NYC Java Study Groups's SCEA 5 Study Notes
from nycjava.net

Part 1: Common Architectures

load balance/DNS round-robin
posted in Sept. 2001
Object Level Fault Tolerance for CORBA-based Distributed Computing
By Tom McDonough
Practical Approaches for Distributing HTTP Traffic: Load Balancing Your Web Site
By Ralf S. Engelschall, 1998
J2EE clustering, Part 1: Clustering technology is crucial to good Website design; do you know the basics?
By Abraham Kang, 2001
J2EE clustering, Part 2: Migrate your application from a single machine to a cluster, the easy way
By Abraham Kang, 2001
DNS Round Robin High-Availability Load Sharing
from PolyServe.com
N-Tier J2EE Architecture
from scea_prep yahoo group
BEA WebLogic Server Clustering
pdf file from bea.com, 1999
Client/server computing
from gogis.nl

Part 2: Legacy Connectivity

Legacy integration techniques for Java applications
By Scott W. Ambler, 2000
Internet Legacy Connectivity
By Alida Bolton, IT Research GmbH
On "Screen Scrapers" And GUI Terminal Emulators
A White Paper By Todres Yampel
Notes from Simon Lee
Notes from Leo Crawford

Part 3: Enterprise JavaBeans & Part 4: EJB Container Model

Mastering EJB II
PDF Book By Ed Roman
Introduction of Data Access Object
from Sun Java Center J2EE Patterns
EJB
Described best practices to improve performance in Session Beans, Entity Beans, Message Driven Beans

Part 5: Protocols

Packet Filters, Stateful Packet Filters, and Proxies
by Jeffrey Howard
All Port Number Listing
http: 80; https: 443; jrmp: 1099
Tunneling through the corporate network: HTTP tunneling with servlets
By Malcolm Davis, July 2001
IIOP Specification: A Closer Look
By Gabriel Minton
Comparing IIOP, RMI, HTTP
by Mehmet Sen
RMI Through Firewalls Via Proxies
from jdk 1.2 doc
RMI over IIOP
by Akira Andoh and Simon Nash, 1999, from javaworld.com

Part 6: Applicability of J2EE Technology

J2EE BluePrints
guideline to design j2ee application -- book.pdf chapter 3 - 5

Part 7: Design Patterns

CMSC491D Design Patterns In Java Lecture Notes
By Bob Tarr, 2000
Patterns in J2EE
Described best practices to improve performance in J2EE using patterns such as Session Facade Pattern, Service Locator Pattern, Value Object Pattern etc
Software design pattern
from ciol.com
pattern synopses
pattern synopses from Mark Grand's book
J2EE Design Patterns
by Sue Spielman, January 2002
Design Patterns for Optimizing the Performance of J2EE Applications
By Vijay S. Ramachandran, December 2001

Part 8: Messasing

JMS Introduction
from javaworld.com, 2000
See the Notes in Misc Section

Part 9: Internationalization

Introduction to Internationalization
Sun's white paper
Sample chapters of Java Internationalization
Chapter 9: Internationalized Graphical User Interfaces; Chapter 11: Internationalized Web Applications

Part 10: Security

Introduction to SSL
posted in 1998
What you need to know before setting up a firewall
posted in 2001
How Firewalls Work
by Jeff Tyson
Introduction to Firewalls and Security
pdf file, cover firewalls and security in general
Java security evolution and concepts, Part 2
By Raghavan N. Srinivas, 2000, javaworld.com
Frequently Asked Questions - Java Applet Security
from java.sun.com
Java Security Evolution and Concepts, Part 1 and Part 2
difference between jdk1.1 and 1.2
Security: Chapter 3 of Inside the Java 2 Virtual Machine
by Bill Venners
Signing Code and Granting It Permissions
java 2 security from sun's java tutorial

Mockup Tests

Mockup Test
Sridhar, March 2002
Whizlabs Mockup Test
30 free mockup questions
with detailed explanation and 286 paid mockup questions with detailed explanation, August 2002

Misc

How do you become an Architect?
Ted Neward's blog and the discussion from theserverside.com, 2007
SCBCD Study Guide (EJB)
pdf from javablackbelt.com, 2007
John Wether's Note
posted July 17, 2001
Notes from scea_j2ee yahoo group
Posted March 2002
Numbers of Questions in each section for Part 1
discussion on Javaranch.com
Numbers of Questions in each section for Part 1
another discussion on Javaranch.com
Inside B2B
Introduction to B2B
JMX
jmx Q & A from sun
DNA blueprint
Success Stories from scea_j2ee yahoo group

More Information

Collection of SCEA Sites

References -- Specs

UML Spec
J2EE Spec
J2EE Blue Prints

References -- Books

Sun Certified Enterprise Architecture for J2EE Technology Study Guide
by Mark Cade, Simon Roberts, March 2002
From: Amazon.com, Amazon.caSun Certified Enterprise Architect for J2EE Study Guide (Exam 310-051)
by Paul Allen, Joseph Bambara, March, 2003, sample chapter from osborne.com
From: Amazon.com, Amazon.caHead First Design Patterns
by by Elisabeth Freeman, Eric Freeman, Bert Bates, Kathy Sierra, 2004
From: Amazon.com, Amazon.caJava 2 Network Security
by Marco Pistoia, August 1999, sample chapter from phptr.com
From: Amazon.com, Amazon.caUML Distilled (2e)
by Martin Fowler, Kendall Scott, September 1999
From: Amazon.com, Amazon.caDesign Patterns and Contracts
by Jean-Marc Jezequel, Christine Mingins, Michel Train, , October 1999
From: Amazon.com, Amazon.caDesign Patterns: Elements of Reusable Object-Oriented Software
by Erich Gamma, Richard Helm, Ralph Johnson, John Vlissides, October 1994
From: Amazon.com, Amazon.caJava Enterprise in a Nutshell (2e)
by William Crawford, Jim Farley, April 2002
From: Amazon.com, Amazon.ca

Free eBooks on Java/J2EE

Raw Java
by Douglas Dunn, 2008, Wiki Book (Combined Java Rules and Mastering The Fundamentals of the Java Programming Language), from javaspec.org
Free Book: Java Testing and Design
by Frank Cohen, 2004, from dzone.com
Core Servlets and JavaServer Pages
by Marty Hall, 2000, pdf from coreservlets.com
Servlet Essentials
by Stefan Zeiger, 2000, zip and html version from novocode.com
Designing Enterprise Applications with the J2EE Platform, Second Edition
by Inderjeet Singh, Beth Stearns, Mark Johnson, Enterprise Team, 2002 , html and pdf version from java.sun.com
J2EE and XML Development
by David Weiss, Kurt A. Gabrick, 2002, pdf from theserverside.com
CodeNotes for J2EE: EJB, JDBC, JSP and Servlets
by codenotes.com, 2002, pdf version from javalobbly.com (free login first)
Mastering EJB Second Edition
by Ed Roman 2002, pdf version from theserverside.com
The Software Design and Development Book
by Mark Watson, zip from markwatson.com
Java Platform Performance Strategies and Tactics
by Steve Wilson & Jeff Kesselman, 2001, html version from java.sun.com
EJB Design Patterns
by Floyd Marinescu, 2002, pdf from theserverside.com
Concurrent Programming Using Java
by Stephen J. Hartley, 1998, from mcs.drexel.edu
Advanced Programming for the Java 2 Platform
by Calvin Austin and Monica Pawlan, 1999, html version from java.sun.com
JAVA 2 PLATFORM, ENTERPRISE EDITION TECHNOLOGY IN PRACTICE
by R. G. G. Cattell, et al, 1999, from java.sun.com
Objects and Java: Building Object-Oriented, Multi-Threaded Applications with Java
by Bill Venners, 2003, html version from artima.com
Securing Java
by Gary McGraw & Ed Felten,1999, from securingjava.com
Java 2 Network Security
by Marco Pistoia, et al, 1999, IBM RedBook
The Java Language Specification, Second Edition
by James Gosling, Bill Joy, Guy Steele, Gilad Bracha, 2000, html & zip from java.sun.com
JDK 1.4 Tutorial
by Gregory M. Travis, 2002, pdf version from javalobbly.com (free login first)
Introduction to Programming Using Java
by David J. Eck, 2002, html version from hws.edu
Data Structures and Algorithms with Object-Oriented Design Patterns in Java
by Bruno R. Preiss, 2000, html from brpreiss.com
How to Think Like a Computer Scientist: Java version
by Allen B. Downey, 2002, pdf, html zip version from ibiblio.com
Bleeding at the Keyboard A Guide to Modern Programming with Java
by Gregory J. E. Rawlins, 1999, from roxie.org
Thinking in Java, 3rd Edition
by Bruce Eckel, 2002, download from mindview.net
Thinking in Patterns with Java
by Bruce Eckel, download from mindview.net
Java Data Structures (2nd edition)
by Michael T. Goodrich & Roberto Tamassia, 2001, from theparticle.com
Design Patterns Java Companion
by James W. Cooper, from patterndepot.com
Processing XML with Java
by Elliotte Rusty Harold, 2002, from cafeconleche.org
The J2EE Architect's Handbook
by Derek Ashmore, from theserverside.com
Servlets and JavaServer Pages: The J2EE Technology Web Tier
by Jayson Falkner and Kevin Jone, from theserverside.com
Java Testing and Design
by Frank Cohen, from theserverside.com
Essentials of the Java Programming Language
By Monica Pawlan, 1999, from java.sun.com
The Java Web Services Tutorial
from java.sun.com
Java an Object First Approach
by Fintan Culwin, from sbu.ac.uk
Designing Java Applications for Network Computers
redbook from ibm.com
Java Data Objects
by Robin Roos, from ogilviepartners.com
Jakarta Struts Live
by Rick Hightower, from theserverside.com
JXTA
by Brendon Wilson, from brendonwilson.com
Bitter Java
by Bruce Tate, PDF from dsc.ufcg.edu.br
Mastering Enterprise JavaBeans 3.0
free pdf from theserverside.com
Developing for the J2EE Tomcat Platform
2002, free html from j2ee.masslight.com

Dicas para a prova SCBCD 5

Postado por doska Marcadores: 0 comentários
O que eu tenho a dizer sobre a prova de SCBCD 5, é que os simulados do Enthuware são muito mais difícil que a prova, e por isso, se você não tiver tirando notas brilhantes nesses simulados, não desestimule, porque a prova não é tão difícil como os simulados. Eu por exemplo estava tirando em média 60% nos simulados e tirei 85% na prova. O que eu estou falando, não sirva de estimulo para não estudar. É apenas uma dica. Eu não estava muito confiante em passar nessa prova, por causa das minhas notas do simulados, e passei com uma nota boa. Mas o que eu estou dizendo não se aplica a outras certificações, os mocks da prova SCWCD do Enthuware são bem reais o nível. Eu tirava em média 75% nos simulados e tirei 78% na prova.

Bom, quem fez a prova de SCBCD 5, pode confirmar ou desmentir isso que eu estou dizendo dos mocks do Enthuware, mas eu já pesquise sobre os nível dos simulados no coderanch(http://www.coderanch.com/t/163768/EJB-Certificatio...ertification/passed-scbcd-with) e vi também uma pessoa que estava com média 70% nos simulados do no Enthuware e na prova teve a nota de 96% .

No mais, posso dizer que para me preparar para a prova:

Eu li 3 vezes o livro Enterprise JavaBeans 3.0 da O'Reily. Muito bom, mas não é completo
Eu fiz todos Mock Exams da Enthuware e revisei meus estudos, questão por questão que eu tinha errado, comprei esse software por 29 dólares, valeu muito a pena.
Eu li uma vez as notas do Mikalai Zaikin e usava essas notas para revisar meus erros em questões dos simulados.

E sobre minha metodologia de estudo, foi o seguinte(só por curiosidade).

Eu acordava 1 hora mais cedo, do que o necessário para ir trabalhar, e estudava para a certificação durante essa 1 hora. Eu não podia estudar de noite porque eu tinha que estudar outras coisas e final de semana é só lazer, não estudo. Estudei durante 4 meses para tirar a certificação. Essa metodologia eu uso desde minha primeira certificação.

Autenticação usando JASS + JBOSS + BANCO DE DADOS.

Postado por doska Marcadores: 0 comentários

Onde eu trabalho, eu precisei configurar um sistema antigo que sua struts para usar autenticação via JAAS com o JBOSS. Eu procurei na Internet alguns tutorias que monstra-se detalhademente o processo de configuração do JAAS com JBOSS, infelizmente eu não encontrei nada bem explicado e acabei procurando algum tutorial em inglês, e ai sim, eu encontrei mais coisas. Vou descrever passo a passo como eu fiz para fazer essa configuração, espero que ajude algum pessoa.

1. Passo – Configurar login, password, roles e group.

No JBOSS existe várias formas de autenticação. JBOSS permite autenticação via arquivo de propriedades, via banco de dados, via web service, via LDAP. Na configuração que eu fiz no meu trabalho eu utilizei uma autenticação via arquivo de propriedades, mas nesse exemplo que eu vou mostrar a autenticação feita via banco de dados, que eu acho que é mais interessante para ser implementado.

Primeiramente crie duas tabelas no seu banco de dados, a primeira tabela define o login e a senha, e a segunda tabela define login, rules e group. Isso corresponde aos arquivos users.properties e roles.properties que ficam na pasta jboss-x.x.x\server\default\conf.

A primeira tabela vaiter o nome USERS e teria a seguinte estrutura:

CREATE TABLE USERS (UserID VARCHAR (30) PRIMARY KEY, Password VARCHAR (10));

A segunda tabela vai ter o nome ROLES e teria a seguinte estrutura:

CREATE TABLE ROLES ( UserID VARCHAR (30), Role VARCHAR (30), RoleGroup VARCHAR (30));

Depois crie alguns registos para as tabelas USERS e ROLES

INSERT INTO USERS VALUES ('MARIA', '123')
INSERT INTO USERS VALUES ('JOAO', '123456')

INSERT INTO Roles VALUES ('MARIA', 'ENFERMEIRA', 'USER')
INSERT INTO Roles VALUES ('MARIA', 'FUNCIONARIO', 'USER')
INSERT INTO Roles VALUES ('JOAO', 'ADMINISTRADOR', 'ADM')
INSERT INTO Roles VALUES ('JOAO', 'MEDICO', 'ADM')
INSERT INTO Roles VALUES ('JOAO', 'FUNCIONARIO', 'USER')


2. Passo – Configurar o arquivo login-config.xml


Esse arquivo se encontra na pasta jboss-x.x.x\server\default\conf. O login-config.xml é usado pelo JBOSS para definir modelos de autenticação. É lá que vai ser inserido uma nova “application policy”. Application policy é o nome que o JBOSS dá para as novas configurações de autenticação. Nesse arquivo eu criei um Application policy, definir um nome que nos vamos chamar de exemploJAAS, informar qual banco de dados vai ser usado.

Esse arquivo se encontra na pasta jboss-x.x.x\server\default\conf. O login-config.xml é usado pelo JBOSS para definir modelos de autenticação. É lá que vai ser inserido uma nova “application policy”. Application policy é o nome que o JBOSS dá para as novas configurações de autenticação. Nesse arquivo eu criei um Application policy, definir um nome que nos vamos chamar de exemploJAAS, informar qual banco de dados vai ser usado.

                  
<application-policy name="examploJAAS">
    <authentication>
        <login-module code="org.jboss.security.ClientLoginModule"
flag="required">
        </login-module>
        <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
    <module-option name ="managedConnectionFactoryName">
        jboss.jca:service=LocalTxCM,name=OracleDS
            </module-option>
            <module-option name="dsJndiName">
        java:/nomejndibancoDB
            </module-option>
            <module-option name="principalsQuery">
        Select Password from USERS where UserID =?
            </module-option>
            <module-option name="rolesQuery">
        Select Role 'Roles', RoleGroup 'RoleGroups' from ROLES where UserID =?
            </module-option>
        </login-module>
    </authentication>
</application-policy>

Os module option, principalsQuery e rolesQury são padrões para esse tipo de autenticação. Essas query são usadas pela API do JBOSS para realizar a autenticação via banco de dados.


3. Passo – No arquivo jboss-web que fica na sua aplicação adicione o security domain que nos criamos com o nome exemploJAAS


<security-domain>java:/jaas/exemploJAASsecurity-domain>


4. Passo – altere o aqui auth.conf na pasta jboss-x.x.x\client e adicione o seguinte conteúdo


exemploJAAS {
org.jboss.security.ClientLoginModule required;
org.jboss.security.auth.spi.DatabaseServerLoginModule required;
};


6. Passo – Altere o arquivo web.xml do seu projeto e adicione as seguintes linhas


<security-constraint>
    <web-resource-collection>
        <web-resource-name>action</web-resource-name>
        <description>Teste de seguraça</description>
        <url-pattern>*.do</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>ENFERMEIRA</role-name>
        <role-name>FUNCIONARIO</role-name>
        <role-name>ADMINISTRADOR</role-name>
        <role-name>MEDICO</role-name>
    </auth-constraint>
    <user-data-constraint>
    <description>no description</description>
    <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
</security-constraint>

<login-config>
 <auth-method>FORM</auth-method>
 <form-login-config>
 <form-login-page>/logon.do</form-login-page>
 <form-error-page>/logoff.do</form-error-page>
 </form-login-config>
</login-config>

<security-role>
 <description>role 1</description>
 <role-name>ENFERMEIRA</role-name>
</security-role>
<security-role>
 <description>role 2</description>
 <role-name>FUNCIONARIO</role-name>
</security-role>
<security-role>
 <description>role 3</description>
 <role-name>ADMINISTRADOR</role-name>
</security-role>
<security-role>
 <description>role 4</description>
 <role-name>MEDICO</role-name>
</security-role>

Nesse exemplo do web.xml, o arquivo está configurado para que todas as chamadas no navegador para *.do, só posam ser concluídas, caso os usuários tenham alguma das roles definidas(ENFERMEIRA,MEDICO,ADMINISTRADOR,FUNCIONARIO). Se você estiver usando algum patterns de front controller e caso você precise fazer bloqueios por páginas(ex: médico só pode ver pagania xx.jsp e a enfermeira só pode ver a pagina yyy.jsp) eu aconselho fazer essa validação ou pelo código.
Caso você não esteja usado um patterns front controller fica mais fácil fazer esse tipo de bloqueio pelo web.xml.

7. Passo - Criar um jsp de login

<%@ page language=”java” contentType=”text/html; charset=ISO-8859-1″pageEncoding=”ISO-8859-1″%>

<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”>
<html>
<head>
<title>LOGIN</title>
</head>

<body>
<form action=”j_security_check” method=”POST”>
username: <input type=”text” name=”j_username” /><br />
password: <input type=”password” name=”j_password” /><br />
 <input type=”submit” value=”login” />
</form>
</body>
</html>

Pronto, quando o jsp login chamar o j_security_check. O JBOSS vai verficar o login e senha e adicionar as roles ao usando. O seguinte código mostra um exemplo de como verificar as roles de um determinado usuário tem.

HttpServletRequest.getUserPrincipal(); // retorna o User
HttpServletRequest.isUserInRole("ADM"); // retorna se o usuario possue a role informada
User user = (User)HttpServletRequest.getUserPrincipal();
user.getRoles(); // roles do usuario