| Author |
Tracking Authentication
|
MaheshS Kumbhar
Ranch Hand
Joined: Sep 24, 2009
Posts: 188
|
|
|
When the unauthenticated user first time requests a constrained resource, the Container automatically starts login/authentication process. But once the user is authenticated with this process and the next time when the same authenticated user requests constrained resource, how does Container keeps track of the fact that the user requesting constrained resource is already authenticated?
|
I am slow but sure
|
 |
Sue Temple
Greenhorn
Joined: May 01, 2010
Posts: 19
|
|
Please look at HttpSession in the javax.servlet.http package
|
|
Ankit Garg
Saloon Keeper
Joined: Aug 03, 2008
Posts: 9189
|
|
If you are talking about BASIC authentication, then in that case after the user authenticates himself/herself, on any subsequent request to the server, the browser sends an authentication header which contains the username and password in Base64 encoded form. The header looks like this (the long text in the end is the encoded username and password)
Authorization: Basic BJFOZGRpbjpvcGVuIHNlc2FtZQ==
|
SCJP 6 | SCWCD 5 | Javaranch SCJP FAQ | SCWCD Links
|
|
 |
|
|
subject: Tracking Authentication
|
|
|
0
