Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Agile forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Authenticate for a session

 
Bob Moranski
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, I was wondering what would be a good design for authentication and then retrieve or create a proper HttpSession for the correct user.
Do I use session.putValue("userID", thisID)?
 
Danny Mui
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I've seen that approach used by lots of people . In the servlet 2.2 spec, authentication should/is provided by the container (server) so the ServletRequest.getUserPrincipal would return the user object.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic