Hi, New to servlets so bear with me... I'd like to have a user login with a username and password before displaying a purchase order. Right now, I created my own custom login servlet which verifies the username and password against a database and then if the login was valid redirects the user to the PO servlet. But, I'm hoping there is a standard Java API to prompt a user with a login window . I'm also wondering whether storing the username and password in a database is the securest way to go about this. Your input is appreciated.
Joined: Mar 22, 2002
But, I'm hoping there is a standard Java API to prompt a user with a login window .
Most web servers have a convenient way of implementing some sort of client authentication. This is called declarative security. You can use this sample chapter from Marty Hall's More Servlets and JSPs. You'll find Section 5.9 "Providing Security" particularly relevant. Aside from JDBC Data Sources, some web servers allow you to refer to authentication information in LDAP servers, or Windows domains. You can also check out JAAS