TechTip: Handle Security Profile Logging | Security - Other

Here's a quick overview of a simple method to handle security profile logging: Have a JSP called Logon.jsp. Your home page will have a link to Logon.jsp. Logon.jsp will prompt for profile and password and then validate. If valid, you create a LogonClass object:

public class Logon {
public String profile;
public String password;
public Logon (String profile, password) {
this.profile = profile;
this.password = password;
}
}

Stuff that instance into the session object:

<%
String profile = request.getParameter("profile");
String password = request.getParameter("password");
Logon log = new Logon(profile, password);
session.setAtrribute("logon", log);
%>

The Logon.jsp redirects to your home page.

Every page that requires logon info will have the following code:

<%
Logon log = (Logon)session.getAttribute("logon");
if (log == null) {
%>

<% } %>

If the Logon object is successfully retrieved from the session context, your JSP will have access to the profile and password:

<%
String profile = log.profile;
String password = log.password;
%>

And your JDBC calls or whatever can use it.

For a more robust Logon example, look at the example application that comes with Jakarta's Struts.

--Don Denoncourt
This email address is being protected from spambots. You need JavaScript enabled to view it.

Analytics & Cognitive Categories

Latest Analytics & Cognitive News

Career Catgories

Latest Career News

Cloud Categories

Latest Cloud News

IT Infrastructure Categories

Latest IT Infrastructure News

News Categories

Latest News

Programming Categories

Latest Programming News

Security Categories

Latest Security News

Tools

Typography

Share This

LATEST COMMENTS

MC Press Online

Support MC Press Online

MC Press Users

Explore

Advertise

Help

Articles

Resources

Social