Win a copy of Java EE 8 High Performance this week in the Java/Jakarta EE forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

I hope someone replies to this one  RSS feed

Ranch Hand
Posts: 93
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

I have the below java file. Looks up user credentials validates them with backend db table and if successful returns a token

Can someone please show me how i put this token in a soap header so that client web service can use it to make calls to the db to make sure the toekn is valid and so that the user doesn't have to keep logging n

Am i going about this the right way

My code:

public class LoginHandler extends HttpServlet
String sqlResults = null;
Connection conn = null;
Statement stmt = null;
ResultSet rs = null;
PreparedStatement ps = null;
ResultSetMetaData rsmd = null;

public String validateUser (String userName, String password)
// pass userName and password values back to db to see if they exist
// connect to ConnectionFactory
String sql = "SELECT * FROM tblUsers WHERE userName = '"+userName+"' AND password = '"+password+"'";

conn = ConnectionFactory.getConection();
stmt = conn.createStatement();
rs = stmt.executeQuery(sql);
ps = conn.prepareStatement(sql);

// iterate through recordset and get data
if (
sqlResults = rs.getString("userName");
catch (Exception e)

return sqlResults;

public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
// get userName and password entered by user
String userName = request.getParameter("userName");
String password = request.getParameter("password");

// get application Id from calling web service
String applicationId = request.getParameter("applicationId");

// call validateUser method to validate userName and password
String validateUserName = validateUser(userName, password);

if (validateUserName == null)
// redirect to login page
// either typo error or not registered
//HttpSession session = request.getSession(true);

//String sessionId = session.getId();
//session.setAttribute("sessionId", sessionId);

// get a unique user id
String uniqueUserId = WebServiceToken.getUniqueId();

// set expiry date 7 days from now
Calendar expiryDate = Calendar.getInstance();
expiryDate.roll(Calendar.DATE, 7);

applicationId = "wsAppTest";

// insert token details
WebServiceToken.setTokenDetails(userName, uniqueUserId, expiryDate, applicationId);

// return a token and use in the calling web service
String token = WebServiceToken.getToken(uniqueUserId, applicationId);

// now put this token in the SOAP header, so calling web service can use it
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!