Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Creating an HTTP Header

 
Anoop Krishnan
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I want to add a new HttpHeader to my web application which contains some user authentication info from the login page . I used the servlet api methods to add headers as key value pair to the response but when I read the headers from the request object I could see only the standard http header informations like session id,cooke ,url things like this.I am not able read the headers which I created
I want to add it as a common header which is accessible for every servlets in my project so that the user can be validated on each page.

I don't know what I am doing wrong can anybody tell me how can I create a http header like this.
 
David O'Meara
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You have only sent the header to the client. There is nothing saying they must send it back to you - it isn't 'persistent'. If this is what you are looking for, you should either set it as a Cookie (which is a persistent header) or store it server-side on the session.

Be wary of sending user data across the internet which is not encrypted. It opens you to possible information stealing or user-spoofing. eg someone listens for a saves your special cookie value, or a user changes the cookie value and 'becomes' someone else.

Dave
 
Anoop Krishnan
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I want it to be persistant
 
David O'Meara
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I guessed. Use a cookie, subject to the warning given - if you do it poorly you could end up opening your site to anyone who wants to get in, making authentication pointless.
 
Jayesh Lalwani
Ranch Hand
Posts: 502
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Why can't you just store the user information in the session?
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic