Win a copy of Learn Spring Security (video course) this week in the Spring forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Where/how to remember the user is authenticated already in J2ee programmatic security

 
Jerry Lee
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am doing a programmatic security in J2EE.

siteA tries to access my siteB(J2ee) with a token appended in the URL.
In siteB, I verify the token. If it is good, I let him to access the requested page.

My question, where and how do I store the info that he was "authenticated" already? Then, if he accesses another page on siteB, I do not need verify the token anymore.
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That implies a stateful HTTP connection, i.e. a session in which you can store that information. Barring further information, I'd say you need to set a cookie.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic