Raj,
I used a technique for proper authendication of users for a web application. Basically the logic I used is this.
1. In the servlet first check if the Session object exists.
2. If exists check in the session there is a <i>special session object</i>. This special object (here 'UserView' )was already put by our application when a user properly logs into the system.
Basically if a user properly logs in, we create a viewbean object with members loginID, and password and put into memory (put in session with a name like 'userView', so that we can properly check back for the view bean object in session with the nameTag, latter,in any servlet ). This CREATING NEW SESSION and putting a viewBean in session are done in the LoginServlet.
// sample code
3. If that special session object exists, give a GO-AHEAD.
Further processiog in the servlet.
4. If not redirect the user to login page/ or a 'notLoggedIn.html' page, and ask the user to PROPERLY LOGIN to the system. I use 'forward' instead of 'redirect' API since this redirect doesn't work properly.
Raj,
I have given you an idea of how I have done. I have written an authendication servlet and put it online in the wYou can check it online in
http://www.webappcabaret.com/maha/ Try the following
test cases in Maha's web applicaion in the mentioned link
----------------------------
I have 2 users in the database.
1. loginId : 1000
password: maha
2. loginId :1001
password :anna
Test case 1 :
-------------
Login as 1000 with password maha
Try to login again
Logout
Test case 2 :
------------
Login as 1001 with password anna
Logout
Try logout again
Test case 3 :
------------
Try logout WITOUT logged in first
Basically this system DOESNOT allow the user into the system without properly logged in. I used 2 servlets,some viewbeans,JDBC-MYSQL database,2
JSP pages, 2 html pages. and the MVC (Model-View-Control) Design
pattern.
If you further need help I can send you the full source code in Zip file to you.
regds
maha anna
[This message has been edited by maha anna (edited October 04, 2000).]