On application startup, you can obtain all the usernames and passwords and store them in an arraylist in
the session. Thereafter you can obtain these in your
jsp from the arrayList and compare the user entered user names and passwords and verify.
However, note that this will manke your session object size heavy, and morethe number of users, greater will be the disadvantage, as compared to a server or database hit.