Hi.. I'm given a task to write a user authentication and login system in java. How do I start? I can write a simple login page asking for username and password and then check them in a servlet against a database. Is this a 'User authentication and Login system'? Also I can use JAAS.but i think JAAS is already an authentication service. But I want to write from scratch. Please tell me where do i start and what exactly i need to do?
What *exactly* you need to do depends on your requirements, your environment, what you already have, etc. We wouldn't tell you *exactly* what to do anyway, because JavaRanch is NotACodeMill :) But you already seem to know you need to check credentials against a database--what else do you need to know?
Why would you begin a new project with Struts 1.1?! It is old, out-of-date, and not up to today's development standards. Bad idea.
But again--what exactly do you need to know? You already summarized the problem: you need to look up a user by id/password and see if it exists. You'd do that in a logon action. If it doesn't exist, they're not logged in. If they're not logged in, your custom Struts request processor (those might actually only be in Struts 1.2, I haven't used 1.1 in *years*) would check every action that needs to be protected to see if there's a valid user in the session. If there isn't, redirect to a login or error page.