A simple Java web application with basic authentication and 3 private pages, each accessible only to users with the appropriate role. It uses a front controller with the command pattern and implements basic authentication over SSL, with passwords hashed using bcrypt.
User accounts (username, password):
- username_pg_1, password_pg_1 -> user with access to page 1
- username_pg_2, password_pg_2 -> user with access to page 2
- username_pg_3, password_pg_3 -> user with access to page 3
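How a front controller can enforce the per-page roles listed above before it dispatches to a command, as an added example that is not the project's own code. The paths, role names, view names and class names are hypothetical, and the in-memory user-to-role map is constructed sample data standing in for the real user store.

```java
import java.util.*;

// Added sketch: a front controller that authorizes before dispatching a command.
// Paths, role names, view names and class names are hypothetical, not the project's.
public class FrontControllerSketch {

    /** One command per private page; each command declares the role it needs. */
    interface Command {
        String requiredRole();
        String execute(String user);
    }

    static Command page(final String role, final String view) {
        return new Command() {
            public String requiredRole() { return role; }
            public String execute(String user) { return "200 " + view + " for " + user; }
        };
    }

    // Allow-list of routes: a path that is not registered here is never dispatched.
    private final Map<String, Command> commands = new HashMap<>();
    // Constructed sample data standing in for the user store.
    private final Map<String, Set<String>> rolesByUser = new HashMap<>();

    FrontControllerSketch() {
        for (int i = 1; i <= 3; i++) {
            commands.put("/page" + i, page("ROLE_PG_" + i, "page" + i + ".jsp"));
            rolesByUser.put("username_pg_" + i, Collections.singleton("ROLE_PG_" + i));
        }
    }

    /** authenticatedUser is null when the credential check did not succeed. */
    String dispatch(String path, String authenticatedUser) {
        // Authentication comes first, so an anonymous client sees 401 for every
        // path and cannot tell registered routes from unregistered ones.
        if (authenticatedUser == null) return "401 Unauthorized";
        Command cmd = commands.get(path);
        if (cmd == null) return "404 Not Found";
        // Deny by default: an unknown user has an empty role set.
        Set<String> roles = rolesByUser.getOrDefault(authenticatedUser, Collections.<String>emptySet());
        if (!roles.contains(cmd.requiredRole())) return "403 Forbidden";
        return cmd.execute(authenticatedUser);
    }

    public static void main(String[] args) {
        FrontControllerSketch fc = new FrontControllerSketch();
        System.out.println(fc.dispatch("/page1", "username_pg_1")); // own page
        System.out.println(fc.dispatch("/page2", "username_pg_1")); // another user's page
        System.out.println(fc.dispatch("/page2", null));            // not authenticated
        System.out.println(fc.dispatch("/admin", "username_pg_3")); // unregistered path
    }
}
```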
Setting up SSL in Tomcat. Since this only needed to run locally, these instructions were followed (no CSR involved).
- Anti-CSRF protection
- Use better servlet URL mapping, based on this: understanding url pattern in servlet mapping
Java 1.8.0; JUnit 4, Mockito 1.9.5; Eclipse Mars.1; Tomcat 7.0