This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Web Services and the fly likes I hope someone replies to this one Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "I hope someone replies to this one " Watch "I hope someone replies to this one " New topic

I hope someone replies to this one

dale con
Ranch Hand

Joined: Apr 15, 2005
Posts: 93

I have the below java file. Looks up user credentials validates them with backend db table and if successful returns a token

Can someone please show me how i put this token in a soap header so that client web service can use it to make calls to the db to make sure the toekn is valid and so that the user doesn't have to keep logging n

Am i going about this the right way

My code:

public class LoginHandler extends HttpServlet
String sqlResults = null;
Connection conn = null;
Statement stmt = null;
ResultSet rs = null;
PreparedStatement ps = null;
ResultSetMetaData rsmd = null;

public String validateUser (String userName, String password)
// pass userName and password values back to db to see if they exist
// connect to ConnectionFactory
String sql = "SELECT * FROM tblUsers WHERE userName = '"+userName+"' AND password = '"+password+"'";

conn = ConnectionFactory.getConection();
stmt = conn.createStatement();
rs = stmt.executeQuery(sql);
ps = conn.prepareStatement(sql);

// iterate through recordset and get data
if (
sqlResults = rs.getString("userName");
catch (Exception e)

return sqlResults;

public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
// get userName and password entered by user
String userName = request.getParameter("userName");
String password = request.getParameter("password");

// get application Id from calling web service
String applicationId = request.getParameter("applicationId");

// call validateUser method to validate userName and password
String validateUserName = validateUser(userName, password);

if (validateUserName == null)
// redirect to login page
// either typo error or not registered
//HttpSession session = request.getSession(true);

//String sessionId = session.getId();
//session.setAttribute("sessionId", sessionId);

// get a unique user id
String uniqueUserId = WebServiceToken.getUniqueId();

// set expiry date 7 days from now
Calendar expiryDate = Calendar.getInstance();
expiryDate.roll(Calendar.DATE, 7);

applicationId = "wsAppTest";

// insert token details
WebServiceToken.setTokenDetails(userName, uniqueUserId, expiryDate, applicationId);

// return a token and use in the calling web service
String token = WebServiceToken.getToken(uniqueUserId, applicationId);

// now put this token in the SOAP header, so calling web service can use it
Consider Paul's rocket mass heater.
subject: I hope someone replies to this one
Similar Threads
Problem in getting the data from DB using servlets
Ajax code getting null value
Where to write Validation
how to handle single qotes (' ') in query
Illegal Start of the "try" Block?!