Win a copy of Five Lines of Code this week in the OO, Patterns, UML and Refactoring forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

authentication & security

 
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi,

do anyone have a link or a link to a well-explained tutorial which concerns to a security based FORM with authentication issue with the all deal of

authentication filtering?

thank you.
 
Saloon Keeper
Posts: 6508
158
Android Mac OS X Firefox Browser VI Editor Tomcat Server Safari
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Not sure what you mean by "authentication filtering", but start here for general information about servlet security: https://coderanch.com/how-to/java/ServletsFaq#security
 
Saloon Keeper
Posts: 22248
151
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Pretty much any decent book on J2EE that covers JSPs and servlets will have a chapter on configuring the container-managed security system and FORM-based authentication.

They then usually ruin all their good work by presenting demos that have a "login page" done as user code instead of using the container security system. Long experience has taught me that the technical term for user-code logins is "hacked". The container-managed security system has its own pre-debugged login code which is much more secure.
    Bookmark Topic Watch Topic
  • New Topic