aspose file tools*
The moose likes Servlets and the fly likes Servlets Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Servlets" Watch "Servlets" New topic
Author

Servlets

ankita balaji
Greenhorn

Joined: Aug 19, 2004
Posts: 11
Hello Everybody,
I need a small help from you.Im new to session tracking and I want to maintain the sessions for the user login based on the username.i.e I should not allow the user to take up a online test or so if he is not logged or not registered yet.Can anyone please send me the code for my problem.
Expecting the needed help from U,
Have a nice time.
Bye
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61010
    
  65

I'm not sure why you posted this in the JDBC forum. Moving to the Servlets forum.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Ramaswamy Srinivasan
Ranch Hand

Joined: Aug 31, 2004
Posts: 295
Hi Ankita,

This can be done in the following way.

When the user logs in, where are you extracting some info about the user from the data base?

Any way, if that is in the servlet, you can set the user name to the session variable.





By doing so, we can get the username from the session, using



We can check whether the names match, to ensure that the current user is the authenticated one.

I think this is one way...if any better ways exist, kindly let me know guys.

Cheers,
Swamy
Adeel Ansari
Ranch Hand

Joined: Aug 15, 2004
Posts: 2874
Originally posted by Ramaswamy Srinivasan:

We can check whether the names match, to ensure that the current user is the authenticated one.


How swamy?? match the name in the session with which name?? Or we have to get a name with every request to match with the existing name in the session.

Why not just check the name from session. if we get some name then alright the user is authenticated, otherwise we will get null.

isn't it better to place logged in users in application context scope then we can check whether the user, made the request, is logged in or not. Moreover we can avoid multiple logins by same user. again we have to get a name in every request.
Ramaswamy Srinivasan
Ranch Hand

Joined: Aug 31, 2004
Posts: 295
Hi Adeel,

Thanks a lot for pointing that out.

Did not think of that one mate....I get it now. It's definitely a better way.

Cheers,
Swamy
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Servlets