Hi, I plan to create a website with a login page using form-based authentication. I'm using
Tomcat as a stand-alone application server for learning. I see that I can add a user and role inside Tomcat_user_role.xml (not sure of exact name) file so that the server would use that to check against when user inputed in the user/password input fields. However, I see other programmers (.NET) do not use xml for their user/password or role entries because they store them in the database and dynamically add roles inside their web app. Somehow, they also use form authentication this way: User inputs username/password --> They click submit and a class verifies the user against the database --> If valid, they tell their framework that the user is valid and the framework allows them to login. This sequence was used by a .NET programmer, I assume we can do the same in
Java.
I was wondering what the best approach is for my project. I'm a little lost right now, I'm relatively new in web developement, so please reply with as much detail as possible (good tutorial links are good too).
Thanks so much,
Carmen
[ July 26, 2006: Message edited by: Bear Bibeault ]