Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Tracking Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Tracking Authentication" Watch "Tracking Authentication" New topic
Author

Tracking Authentication

MaheshS Kumbhar
Ranch Hand

Joined: Sep 24, 2009
Posts: 188
When the unauthenticated user first time requests a constrained resource, the Container automatically starts login/authentication process. But once the user is authenticated with this process and the next time when the same authenticated user requests constrained resource, how does Container keeps track of the fact that the user requesting constrained resource is already authenticated?


I am slow but sure
Sue Temple
Greenhorn

Joined: May 01, 2010
Posts: 19

Please look at HttpSession in the javax.servlet.http package
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9293
    
  17

If you are talking about BASIC authentication, then in that case after the user authenticates himself/herself, on any subsequent request to the server, the browser sends an authentication header which contains the username and password in Base64 encoded form. The header looks like this (the long text in the end is the encoded username and password)

Authorization: Basic BJFOZGRpbjpvcGVuIHNlc2FtZQ==


SCJP 6 | SCWCD 5 | Javaranch SCJP FAQ | SCWCD Links
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Tracking Authentication