This week's book giveaway is in the Cloud/Virtualization forum.
We're giving away four copies of Learning OpenStack Networking: Build a solid foundation in virtual networking technologies for OpenStack-based clouds and have James Denton on-line!
See this thread for details.
Win a copy of Learning OpenStack Networking: Build a solid foundation in virtual networking technologies for OpenStack-based clouds this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
Sheriffs:
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

Remembering users...  RSS feed

 
Ranch Hand
Posts: 184
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I assume the best way to remember a user on a website is to set a cookie on their computer and check for it in your index page. Is that correct? Can anybody direct me towards some good info for working with cookies in java?
 
Ranch Hand
Posts: 15304
6
Chrome IntelliJ IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
IMO, letting the Application Server do this for you is better/easier. Just tell the server what pages are to be secured, tell it what your login page is, what your error page is, and anytime a secure page is accessed the Application checks to see if anyone is logged in or not and redirects appropriatly.
I am doing this with Tomcat Form Authentication using the JDBCRealm attribute in the server.xml file. I have folders setup in my web app and those folders are based on roles. So when the user tries to access any of those pages Tomcat makes sure they have the correct role as well before letting them in. This saves you that extra include on all your jsp pages. And it can be applied to servlets as well, not just jsp pages.
 
Chris Stewart
Ranch Hand
Posts: 184
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ok, say when you visit JavaRanch, you don't have to login each time. I assume the forum software is doing this by using cookies. That's what I'm after.
 
Gregg Bolinger
Ranch Hand
Posts: 15304
6
Chrome IntelliJ IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Found this on reading and writing a cookie with a servlet. Should be the same in a scriplet though. I would use a Session though. It's still a cookie. But when saving user login info, most people use the Session object. It's just easier to work with.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!