Hi all, I've got a question about using
JSP with Oracle that I'm hoping someone will be able to answer. Here's the situation:
I'm developing a number of small JSP applications on our secure server, and for authentication I'm going to be using the users table which already exists for another oracle application. The passwords stored in this table are encrypted.
My problem is that I'm uncertain if the password sent over by login.jsp, for example, will match the password in the database when the query is executed, since the password in the database in encrypted and the password sent in the query is not.
I've been unable to
test it yet, as I don't currently have access to the production database (and won't for a couple of weeks), but I'm curious if anyone can give me an idea of whether this will work or not, or perhaps if I'll have to find a oracle package or PL/SQL stored procedure which will handle the authentication against the db for me.
Perhaps the package or procedure would be called from the jsp and accept the values from the form, perform the encryption and authentication of the un/pw and return a true/false value?
Can anyone give me an idea if what I mention in the last paragraph is on the right track or if I'm way off base? And if I am way off base, what direction should I be headed in?
Thanks in advance.
Pablo