how to increase users in tomcat-users.xml file automatically not manually

Expand Post »

Hi guys, I am trying to restrict users to access the sources of my application so I have used tomcat-users.xml file , but later I will be facing a problem which is how if I have a lot of authorized users , so I will add each one to that file manually , i think it is not efficient way . Furthermore , I am having an application that lets users used its resources based on the user account in database. if the user has an account in database he/she can login to the application and use the resources , so how can I use this idea with tomcat-users.xml just to avoid the increase number of authorized users in tomcat-users.xml
I hope you understand my question . I don't mind to repeat it again if you have any question
please help me guys because I want to prevent unathorized users to access directly using URL in my application
thank you very very very much

Similar Threads

Create XML File DYnamically Using ASP.Net C# in ASP.NET
How to open PDF file in Python
how to display XML file in textBox or Treeview using C# in C#
create buttons configured from xml file in C#
[urgent] HTML form => XML file in JSP

alsoumhi

Reputation Points: 10

Solved Threads: 0

Junior Poster in Training

Offline

66 posts
since Aug 2007

Permalink

Nov 3rd, 2009

Re: how to increase users in tomcat-users.xml file automatically not manually

Click to Expand / Collapse Quote originally posted by alsoumhi ...

I want to prevent unathorized users to access directly using URL in my application

When the user logs in, do you put that user in the session?

JSP Syntax (Toggle Plain Text)
String username;
String password;
 
// check the database to see if the user is valid.
if (yes) {
  request.getSession().setAttribute("USER",username);
}
String username;
String password;

// check the database to see if the user is valid.
if (yes) {
  request.getSession().setAttribute("USER",username);
}

When the user logs out do you do this:

JSP Syntax (Toggle Plain Text)
request.getSession().setAttribute("USER",null);
request.getSession().setAttribute("USER",null);

And my suggestion would be to put this check in all of your pages:

JSP Syntax (Toggle Plain Text)
String username = (String)request.getSession().getAttribute("USER");
if (username==null) {
  // unauthorized user
  // redirect to log in page
}
String username = (String)request.getSession().getAttribute("USER");
if (username==null) {
  // unauthorized user
  // redirect to log in page
}

javaAddict

Sponsor

Featured Poster

Reputation Points: 1014

Solved Threads: 446

Nearly a Senior Poster

Offline

3,260 posts
since Dec 2007

This thread is solved

Either the thread starter or a moderator has marked this thread as solved. You can most likely trust the responses and answers given. There is most likely no reason for any further responses to be posted here. If you have a related question, please start a new thread in this forum instead.

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in JSP Forum Timeline: Help with GET method please

Next Thread in JSP Forum Timeline: JSP Page Interaction

DaniWeb Message

Cancel Changes

User Name
Password