It's not a secret anymore!
The moose likes JSP and the fly likes JSP Security - Advanced Servlet/JSP Login? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "JSP Security - Advanced Servlet/JSP Login?" Watch "JSP Security - Advanced Servlet/JSP Login?" New topic

JSP Security - Advanced Servlet/JSP Login?

Peter Daly

Joined: Jan 04, 2002
Posts: 17
Is there a way I can login a user into Tomcat 4.X using server side code? I need to have a page which allows a user to enter credit card information, and allow them in without having a real "user" associated with the account.
I think the best solution is to have a Generic Credit user, who the user is logged in as when their credit card information is processed, which their information stored in their session. The "Generic Credit User" would have a Credit User role, while other users would have a real account, with a subscription role. I can think of ways of doing the above, but they require the generic username and password to be embedded in the html.
The standard form based login I do not believe will allow me to do things such as having the price printed on the page (it will vary), and other small problems like that. Also, I would need to attach objects to the session when the user is authenticated.
Any ideas? I would prefer to use some type of container manager security rather than a home grown tracking system.
I agree. Here's the link:
subject: JSP Security - Advanced Servlet/JSP Login?
It's not a secret anymore!