wood burning stoves 2.0*
The moose likes JSP and the fly likes best way to keep tracking of the user info? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "best way to keep tracking of the user info?" Watch "best way to keep tracking of the user info?" New topic
Author

best way to keep tracking of the user info?

Aymen Benhmida
Greenhorn

Joined: Jun 24, 2011
Posts: 12

hi guys,

i'm a newbie in jsp development and web development in general. I need to keep track of the user logged in my web application information (login, password, IP)
what is the best way to do such thing?
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 29220
    
135

You can store the login in the HttpSession (setAttribute). It is best to not keep track of the password. Read it once, authenticate and then keep a record in the session that the user is logged in. One way is to store the login only when authenticated. Keeping passwords in memory invites someone to do a memory dump and get them. The IP address is already available via the HttpRequest so you don't need to store it during the current session.


[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
Aymen Benhmida
Greenhorn

Joined: Jun 24, 2011
Posts: 12

thanks for the respons,

i have also other jsp files where i have to verify that the user is still logged before doing any action. for example, the user has created some article when logged in and then he passes to the welcome page so i have to verify that he is still logged in in order to let him some other actions. And there some other pages which must respond to the same senario. So do i have to verify that he is still logged in every page or there's a more clean way to do this.
and if this is the best way how can you advice me to do it the best possibly way.
Thakur Sachin Singh
Ranch Hand

Joined: Jun 15, 2010
Posts: 224

you can also use the html hidden field but this is not the good idea. HttpSession is best way to do that.


SCJP 6- 91%, IBM DB2, IBM RAD Certified
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60046
    
  65

Servlet filter


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: best way to keep tracking of the user info?
 
Similar Threads
New To JSP
How to identify host uniquely when a firewall is enabled?
web services / logonhanlder service
Saving image on server in directory structure vs in database
Lean Software Development: slack vs waste