Netbeans6.8, JSF2, Glassfish v3.

Hi there

I was hoping someone could help me with a problem I am having configuring security for my web application. I am a newbie still. So far I have created the form, a managed beans for behind the form and a entity bean that maps name and password to my database.

I am currently trying to configure a stateless session bean using JPA to access the database and implement the logic. In this stateless session bean I would like to use entity manager to query, login and logout the user.

I would like to use something like the following query;

EntityManager em = ...
Query query = em.createQuery("select User u where u.username = 'bob'");
User user = (User) query.getSingleResult();
if (null != user) {
// User found
System.out.println("Found user[" + user.getUsername() + "]" +
with password[" + user.getPassword() + "]");
}


What I do not understand is "("select User u where u.username = 'bob'"); What does u.username represent? I would also like to find, authenticate(Login) and Logout a user.

In the place of "bob" above I would like to query a datatable for my users and passwords.

I would like the AuthenticationBean to find and authenticate a user that wants to log in as well as the current user logged in to log out.


My current code is as follows;

Login.xhtml

<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html">
<h:head>
</h:head>
<h:body>
<h:form>
<hutputLabel value="User Name:"/>
<h:inputText value="#{LoginBean.name}"/>
<hutputLabel value="Password:"/>
<h:inputText value="#{LoginBean.password}"/>
<h:commandButton action="#{LoginBean.login}" value="Login"/>
</h:form>
</h:body>
</html>



Login.java (This is the managed bean behind the form)

/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/

package OH;
import javax.ejb.EJB;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.RequestScoped;
//import javax.*;
//import java.*;

/**
*
* @author Padjester
*/
@ManagedBean(name="LoginBean")
@RequestScoped
public class LoginBean {
@EJB LoginService loginService;
private String name;
private String password;

public String getName() {
return name;
}

public void setName(String name) {
this.name = name;
}

public String getPassword() {
return password;
}

public void setPassword(String password) {
this.password = password;
}

public String login () {
String loginSuccess = this.loginService.loginUser
(name, password);
return "Successfully logged in to the system";

}


/** Creates a new instance of LoginBean */
public LoginBean() {
}

}


Users.java (This is the entity bean that maps name and password to my password.)

/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/

package OH;

import java.io.Serializable;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.Table;

/**
*
* @author Padjester
*/
@Entity
@Table(name=USERS)
public class Users implements Serializable {
private static final long serialVersionUID = 1L;
@Id
@GeneratedValue (strategy = GenerationType.AUTO)
private String name;
private String password; //check same as db

public String getName() {
return name;
}

public void setName(String name) {
this.name = name;
}

public String getPassword() {
return password;
}

public void setPassword(String password) {
this.password = password;
}
}


AuthenticationBean.java (This is my stateless session bean, that
uses JPA to access the database and implement the business logic)

/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/

package OH;

import javax.ejb.LocalBean;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;

/**
*
* @author Padjester
*/
@Stateless
@LocalBean
public class AuthenticationBean {
@PersistenceContext(unitName = "ProjectOHPU")
private EntityManager em;
public String loginUser(String name, String password){

}

}


I have setup a JDBC realm on Glassfish as well as the relevant connection pool, etc.

Any help or advise would be greatly appreciated.
Kind regards