Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / General / October 2006

Tip: Looking for answers? Try searching our database.

Authentication servlet...please help me!!!

Thread view: 
Enable EMail AlertsStart New Thread
gbattine - 15 Oct 2006 17:16 GMT
Hi guys,
i need your help.
I'm developing my first jsf application but i've no much experience
with servlets and i'm trying to learn..
This is my question:
i've a login page in which a user try to authenticate its
data,inserting username and password.
I've a loginBean that makes authentication logic and sends user to menu
page of application,if data are correct...
i need to create a servlet that stores into a session username and
password of user.

This servlet has to do this:
redirects user to login page if session expires
check when user login if another user is navigating in the application
with same login data
protect the access to each page checking if there is a user in the
session.

I thinks it can be a common problem of web application,i hope someone
can give me a working example to study..if there are not working
example can someone help me with simple code to understand?I'm learning
java and jsf,but i've some difficulty with servlets,please help me....

Excuse my poor english....i hope you help me,THANKS
Reply to this Message
Robert Klemme - 15 Oct 2006 19:44 GMT
> Hi guys,
> i need your help.
[quoted text clipped - 21 lines]
>
> Excuse my poor english....i hope you help me,THANKS

I'd do the redirection part with a Filter and not a servlet.

    robert
Reply to this Message
Manish Pandit - 15 Oct 2006 21:40 GMT
I agree with Robert. Learn about filters - you can configure a filter
that can check for a presence of some sort of a token or a variable in
the session. If not present, do a response.sendRedirect to the login
page. If present, let the request through. Upon successful login you
can set that particular token/variable in the user's session. If you
want to leave out certain URLs to be 'insecure' or okay to be access
without signing up (like help pages..), you can configure the webapp to
not apply the filter to those URLs.

-cheers,
Manish
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2009 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.