aspose file tools*
The moose likes Servlets and the fly likes Creating an HTTP Header Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Creating an HTTP Header" Watch "Creating an HTTP Header" New topic
Author

Creating an HTTP Header

Anoop Krishnan
Ranch Hand

Joined: May 03, 2001
Posts: 163
I want to add a new HttpHeader to my web application which contains some user authentication info from the login page . I used the servlet api methods to add headers as key value pair to the response but when I read the headers from the request object I could see only the standard http header informations like session id,cooke ,url things like this.I am not able read the headers which I created
I want to add it as a common header which is accessible for every servlets in my project so that the user can be validated on each page.

I don't know what I am doing wrong can anybody tell me how can I create a http header like this.
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

You have only sent the header to the client. There is nothing saying they must send it back to you - it isn't 'persistent'. If this is what you are looking for, you should either set it as a Cookie (which is a persistent header) or store it server-side on the session.

Be wary of sending user data across the internet which is not encrypted. It opens you to possible information stealing or user-spoofing. eg someone listens for a saves your special cookie value, or a user changes the cookie value and 'becomes' someone else.

Dave
Anoop Krishnan
Ranch Hand

Joined: May 03, 2001
Posts: 163
I want it to be persistant
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

I guessed. Use a cookie, subject to the warning given - if you do it poorly you could end up opening your site to anyone who wants to get in, making authentication pointless.
Jayesh Lalwani
Ranch Hand

Joined: Nov 05, 2004
Posts: 502
Why can't you just store the user information in the session?
 
 
subject: Creating an HTTP Header