GeeCON Prague 2014*
The moose likes Servlets and the fly likes Where/how to remember the user is authenticated already in J2ee programmatic security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Servlets
Bookmark "Where/how to remember the user is authenticated already in J2ee programmatic security" Watch "Where/how to remember the user is authenticated already in J2ee programmatic security" New topic
Author

Where/how to remember the user is authenticated already in J2ee programmatic security

Jerry Lee
Greenhorn

Joined: Sep 09, 2004
Posts: 16
I am doing a programmatic security in J2EE.

siteA tries to access my siteB(J2ee) with a token appended in the URL.
In siteB, I verify the token. If it is good, I let him to access the requested page.

My question, where and how do I store the info that he was "authenticated" already? Then, if he accesses another page on siteB, I do not need verify the token anymore.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42047
    
  64
That implies a stateful HTTP connection, i.e. a session in which you can store that information. Barring further information, I'd say you need to set a cookie.


Ping & DNS - my free Android networking tools app
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Where/how to remember the user is authenticated already in J2ee programmatic security