• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Servlets

 
ankita balaji
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Everybody,
I need a small help from you.Im new to session tracking and I want to maintain the sessions for the user login based on the username.i.e I should not allow the user to take up a online test or so if he is not logged or not registered yet.Can anyone please send me the code for my problem.
Expecting the needed help from U,
Have a nice time.
Bye
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65229
95
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm not sure why you posted this in the JDBC forum. Moving to the Servlets forum.
 
Ramaswamy Srinivasan
Ranch Hand
Posts: 295
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ankita,

This can be done in the following way.

When the user logs in, where are you extracting some info about the user from the data base?

Any way, if that is in the servlet, you can set the user name to the session variable.





By doing so, we can get the username from the session, using



We can check whether the names match, to ensure that the current user is the authenticated one.

I think this is one way...if any better ways exist, kindly let me know guys.

Cheers,
Swamy
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Ramaswamy Srinivasan:

We can check whether the names match, to ensure that the current user is the authenticated one.


How swamy?? match the name in the session with which name?? Or we have to get a name with every request to match with the existing name in the session.

Why not just check the name from session. if we get some name then alright the user is authenticated, otherwise we will get null.

isn't it better to place logged in users in application context scope then we can check whether the user, made the request, is logged in or not. Moreover we can avoid multiple logins by same user. again we have to get a name in every request.
 
Ramaswamy Srinivasan
Ranch Hand
Posts: 295
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Adeel,

Thanks a lot for pointing that out.

Did not think of that one mate....I get it now. It's definitely a better way.

Cheers,
Swamy
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic