Java Play! 2 - User management with cookies

Question

I am trying to manage my user via cookie. It\'s not that easy because there is absolutely no documentation about this topic.

With the help of the sample \"zentask\"

Answer 1

There is also full stack for authentication and authorization - Play Authenticate by Joscha Feth. (available at GitHub)

It incorporates ready-to-use sample for Java, which uses concepts of securesocial + full Deadbolt 2 (by Steve Chaloner) support. it has:

• built in possibility to register and log in users with e-mail, Google, Facebook, Foursquare, Twitter, OpenId and custom providers.
• Multilanguage support (currently: English, German, Polish)
• Customisable templates (also for informational e-mails)
• Support for roles and permissions (via Deadbolt 2)
• Password recovery support

There is sample app for Java in it. You can incorporate it to your app.

Answer 2

As shown in the Zentask sample, your Secured class should extend Security.Authenticator.

With this, it will allow to put a @Security.Authenticated annotation either on a Controller, or on an Action. This annotation allows to redirect the client to another page if the user is not properly authorized (by overriding the Security.Authenticator.onUnauthorized() method).

The workflow is the following:

1. Check authorization:
2. Add an unique identifier in the client cookies
3. Check if authenticated
4. Secure a controller or an action
5. If not authorized, redirect the client to another page