I am using Form Based Authentication (j_security_check, j_username, j_password) in my application. I am not sure how to retrieve the username/password after someone logs in. Could someone help me please..
The idea is to encapsulate you away from the login logic boilerplate so you do not have to struggle with that in your servlet that are supposed to execute your application logic.
JDBCSupport - An easy to use, light-weight JDBC framework -
Joined: Jul 03, 2009
Thanks so much for your reply!
When the user logs in, I plan to retrieve that information and then make the username an attribute of the session. Other than this, I am not sure how the web server will associate the browser with its other requests? Is there any other better way to do this? Please help. Thanks!
Joined: Feb 23, 2009
The container tracks subsequent requests using sessions (or URL rewriting as a fallback) to determine whether or not a user has already logged on.
Since j_username and j_password are regular parameters, you are able to retrieve those in any servlet. The thing however is that you do not know which servlet will be invoked. based on your auth-constraints a whole set of servlets can be restricted and any request will result in the login page to show up. Your best bet is a filter.