Member Avatar for AliAliAli333

Hi im just wondering how i could improve this to make it secure from either the jsp file itself or external java files.

<html>
<head><title>JSP Page</title></head>
<body>

<jsp:useBean id="user" scope="session" class="shop.UserBean" /> 
<jsp:useBean id="dataFactory" scope="session" class="data.factory" /> 
<%
String userName = request.getParameter("userName");
String userPassword = request.getParameter("userPassword");
user.setLogin(dataFactory.getUser(userName,userPassword));
user.setUser(userName);
if (!user.getLogin()) { %> 
    <jsp:forward page="loginForm.jsp"/>
<%}%>

<jsp:forward page="orderForm.jsp" />
</body>
</html>
  • 3 Contributors
  • 2 Replies
  • 91 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by jwenting
Member Avatar for salman4u

I too was actually looking for the same thing 2-3 days back as me too new to Java. You can have a look at JDBCrealm for Glassfish or Tomcat else an easier approach would be to use Authentication Filters :)

Member Avatar for jwenting

What "security" are you looking for here?
Is username/password not enough and you want something better?
Are you worried about credentials being transmitted in cleartext?
Are you worried about the way your credentials are stored in the database?
Or do you think something else isn't "secure enough"?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.