From Documentation
Line 150: Line 150:
= Downloads =
= Downloads =
* [link here]
* pending

Revision as of 15:47, 1 February 2012

WarningTriangle-32x32.png This page is under construction, so we cannot guarantee the accuracy of the content!


N,Java Developer, Effective Intelligence
February 01, 2012
ZK EE 5.0.10


This article is aimed at showing a very simple way to integrate JAX-WS with ZK. The basis to do so is by providing a login screen with authentication and authorization being performed via webservice interaction with the back end ejb.

The session handling is based on the Small Talk: Handling the Login Process using ZK MVC and Sessions[1]

The login.zul


The LoginController.java

The controller will interact with the UserCredentialManager at this point the only thing that the controller will handle is ensuring that the required input (username and password) is not blank.

 * On click of the login button, doLogin method will execute
 * @param event
    public void onClick$loginButton(Event event) {

     * Method that will initiate the login action
     * Input values are taken from front end and passed to the manager for processing
    private void doLogin() {
        UserCredentialManager mgmt = UserCredentialManager.getIntance(Sessions.getCurrent());
        //add checks to ensure that no empty data is passed to the backend for processing
        mgmt.login(usernameTxtbox.getValue().trim(), passwordTxtbox.getValue().trim());
        if (mgmt.isAuthenticated()) {
        } else {
            mesgLbl.setValue("The UserName or Password provided is invalid.");

The UserCredentialManager.java

The UserCredentialManager will ensure that the session is current. Login method of the manager is executed on click of Login button. The input is mashalled to xml and web service call is made Output of webservice call is unmarshalled and User model is set with permissions and associated information, if required, derived from the xml output

    public synchronized void login(String username, String password) {
        try {
            //make the xml for the service
            ServiceRequest srq = new ServiceRequest(new ServiceRequest.RequestData(username, password));
            String xmlInput = XmlHandler.constructGenericServiceResultXml(ServiceRequest.class, srq);
            //call the web service that will handle the authentication and authorization
            String xmlOutput = verifyAndGetPermissions(xmlInput);
            //get the result from the call
            ServiceResult sres = (ServiceResult) XmlHandler.unMarshallObjectFromXML(ServiceResult.class, xmlOutput);
            if (sres.getServiceStatus().getStatusCode().equalsIgnoreCase("100")) {
                User tempUser = new User(username, password, sres.getRequestResult().getPermissions());
                user = tempUser;
                //setting userinfo as a global attrib
                Executions.getCurrent().getSession().setAttribute("userInfo", user);
            } else {
                //error occured
                user = null;

        } catch (Exception ex) {
            Logger.getLogger(UserCredentialManager.class.getName()).log(Level.SEVERE, null, ex);

By making the ZK application a new web service client, we are able to import a selected WSDL. Once the WSDL import has completed, the ZK application has access to the exposed methods.


 * This is the webservice call
 * created after the import of wsdl
 * @param xmlInput
 * @return String xmlOuput
    private static String verifyAndGetPermissions(java.lang.String xmlInput) {
        com.ei.webui.service.ZKSmallTalk service = new com.ei.webui.service.ZKSmallTalk();
        com.ei.webui.service.SmallTalkSample port = service.getSmallTalkSamplePort();
        return port.verifyAndGetPermissions(xmlInput);

The UserAccessEJB.java

The UserAccessEJB will be used to interact with a secure database and will be turned into our webservice. The method selected to be exposed will be able to perform all authentication and authorization for user login.

 * This method performs verification and access allocation
 * <br>After decryption and unmarshalling of xml, credential validity and permission verification occurs
 * Output is xml as string containing on success permissions for user else a fail status.</br>
 * @param String xmlInput
 * @return String xmlOutput
    public String verifyAndGetPermissions(String xmlInput) {
        String output = "";
        try {
            //first format the string to object
            ServiceRequest sr = (ServiceRequest) XmlHandler.unMarshallObjectFromXML(ServiceRequest.class, xmlInput);
            //do the verifications
            boolean isValid = isUserCredentialValid(sr.getRequestData().getUsername(), sr.getRequestData().getPassword());
            if (isValid) {
                //get the permissions
                List<PermissionModel> permissionList = getPermissionList(sr.getRequestData().getUsername());
                List<Permissions> xmlPermissions = new ArrayList<Permissions>();
                for (PermissionModel p : permissionList) {
                //populate the final model for output even if the list is empty, still successful verification
                Permissions permXml = new Permissions(p.getPersmission(), p.getPermissionId());
                //set status code successful
                ServiceResult reqRes = new ServiceResult(new ServiceStatus("100", "Operation Successful"), new ServiceResult.RequestResult(xmlPermissions));
                //marshall it
                output = XmlHandler.constructGenericServiceResultXml(ServiceResult.class, reqRes);
            } else {
                //send back status that reads credentails are invalid
                 ServiceResult reqRes = new ServiceResult(new ServiceStatus("200", "User Credentials Invalid"), new ServiceResult.RequestResult());
                //marshall it
                output = XmlHandler.constructGenericServiceResultXml(ServiceResult.class, reqRes);

        } catch (Exception e) {
            //populate the output with blank stubs and exception status
            //never send back nothing! poor loney users
             ServiceResult reqRes = new ServiceResult(new ServiceStatus("99", "Operation Failed"), new ServiceResult.RequestResult());
            try {
                //marshall it
                output = XmlHandler.constructGenericServiceResultXml(ServiceResult.class, reqRes);
            } catch (Exception ex) {
                Logger.getLogger(UserAccessEJB.class.getName()).log(Level.SEVERE, null, ex);
        return output;



  • pending


Copyright © Potix Corporation. This article is licensed under GNU Free Documentation License.