File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes Authenticate for a session Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Java Interview Guide this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Authenticate for a session" Watch "Authenticate for a session" New topic

Authenticate for a session

Bob Moranski
Ranch Hand

Joined: Nov 22, 2000
Posts: 177
Hi, I was wondering what would be a good design for authentication and then retrieve or create a proper HttpSession for the correct user.
Do I use session.putValue("userID", thisID)?
Danny Mui
Ranch Hand

Joined: Dec 14, 2000
Posts: 42
I've seen that approach used by lots of people . In the servlet 2.2 spec, authentication should/is provided by the container (server) so the ServletRequest.getUserPrincipal would return the user object.
I agree. Here's the link:
subject: Authenticate for a session
It's not a secret anymore!