my dog learned polymorphism*
The moose likes Servlets and the fly likes Where/how to remember the user is authenticated already in J2ee programmatic security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Where/how to remember the user is authenticated already in J2ee programmatic security" Watch "Where/how to remember the user is authenticated already in J2ee programmatic security" New topic
Author

Where/how to remember the user is authenticated already in J2ee programmatic security

Jerry Lee
Greenhorn

Joined: Sep 09, 2004
Posts: 16
I am doing a programmatic security in J2EE.

siteA tries to access my siteB(J2ee) with a token appended in the URL.
In siteB, I verify the token. If it is good, I let him to access the requested page.

My question, where and how do I store the info that he was "authenticated" already? Then, if he accesses another page on siteB, I do not need verify the token anymore.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41127
    
  45
That implies a stateful HTTP connection, i.e. a session in which you can store that information. Barring further information, I'd say you need to set a cookie.


Ping & DNS - my free Android networking tools app
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Where/how to remember the user is authenticated already in J2ee programmatic security
 
Similar Threads
Authentication using Sun Access Manager 7 and webmethods portal
Container based authentication
Finding Whether a user is logged in or no
WS Security questions
j_security_check 'next' page?