1 Reply Latest reply: Nov 17, 2006 9:23 PM by 800351 RSS

    WebApp Authentication

    807607
      Hello, how do I efficiently implement form-based authentication for a JSP/SERVLET app using existing users database in oracle. I use a servlet to authenticate users against the database and set session value. On every subsequent request I check for the session value. if exist then let the user proceed, else redirect to login page.

      Is there a efficient way to do this without checking session value on every page? I understand it could be done with filter but can anyone give me an example? Thanks.

      Thanks for your help...

      pseudocode
      int i = checkuser(username, password);
      if i >0 {
      session.setAttribute("valid", username);
      forward to index.jsp
      }
      else {
      redirect to login page;
      }
      
      public int checkuser(username, password){
      check user against oracle database;
      return o if nonexistence;
      return 1 if exist;
      }