A friendly place for programming greenhorns!
Big Moose Saloon
Register / Login
Authenticate for a session
Joined: Nov 22, 2000
Jan 05, 2001 22:51:00
Hi, I was wondering what would be a good design for authentication and then retrieve or create a proper HttpSession for the correct user.
Do I use session.putValue("userID", thisID)?
Joined: Dec 14, 2000
Jan 06, 2001 16:42:00
I've seen that approach used by lots of people
. In the
2.2 spec, authentication should/is provided by the container (server) so the ServletRequest.getUserPrincipal would return the user object.
I agree. Here's the link:
subject: Authenticate for a session
Preventing Multiple Logins
storing values in session during authentication
Online Exam Problem!!!
EJB session vs web HttpSession
All times are in JavaRanch time: GMT-6 in summer, GMT-7 in winter
| Powered by
Copyright © 1998-2015