hello everyone
I still need code snippet help with authentication of username and password on both java and web application..

The code will be the same. It doesn't matter for what you are going to use it. I will post the code soon, after I finish some other issues I have.

The code will be the same. It doesn't matter for what you are going to use it. I will post the code soon, after I finish some other issues I have.

ok will be waiting
thanks

Inside a class declare the variable:

Connection conn=null;

In the same class:

Method for opening connection. Uses the myssql driver. download the jar and add it to the jars of your project

protected void openConnection() throws Exception {
        if ((conn==null)||(conn.isClosed())) {

String ip = "10.23.14.5"; //the ip of the database, in your case it would be localhost
String db_name="name_of_the_DB";
String user="username"; //the username that you use to login to the database
String pass="password"; //the password you use to login to the datatabase
 
            Class.forName("com.mysql.jdbc.Driver").newInstance();            conn=DriverManager.getConnection("jdbc:mysql://"+ip+"/"+db_name,user,pass);
        }
    }

Closing connection:

protected void closeConnection() throws Exception {
        if ((conn!=null)&&(!conn.isClosed()))
            conn.close();
    }

Use the above methods to open the conn and use it to run queries:

public boolean validatePassword(String user, String pass) throws Exception {
        this.openConnection();
        
        String query="select username, password from users where username='"+user+"' and password='"+pass+"'";
        Statement st=null;
        ResultSet rs=null;
        String u=null;
String p=null;
        
        try {
            st=conn.createStatement();
            rs=st.executeQuery(query);

                if (rs.next()) {
                    u=rs.getString(1);
p=rs.getString(2);
                }
                rs.close();
                rs=null;
                st.close();
                st=null;
this.closeConnection();
return ((u.equals(user))&&(p.equals(pass)));
        } catch (Exception e) {
            System.out.println(e.getMessage());
this.closeConnection();
        }
        return false;
    }
Comments
Nice post.
Very nice post!

Amazing, This code is really helpful.

It can be found in any book and tutorial. And I wrote this a long time ago, meaning that there are better versions of that

> String ip = "10.23.14.5"; //the ip of the database, in your case it would be localhost

Prefer configuration over code; the URL for the database along with the database name almost always comes from a configuration file. Also for database intensive applications/operations, consider using a Connection Pool instead of grabbing raw connections. Connection object creation is an expensive activity giving the fact that your application will perform a lot many short lived Database activities. Connection pools give your the power of configuring a variety of parameters like the pool size, the connection purge policy etc.

> String query="select username, password from users where username='"+user+"' and 
> password='"+pass+"'";

Vulnerable to SQL Injection. Using Prepared Statements prevents this as well as the Statement pooling offered by a lot many Type 4 drivers reduces the execution time.

>

u.equals(user))&&(p.equals(pass))

Though not applicable to this discussion maybe, password are almost always never stored in plain text format. Consider encrypting your passwords and salting them. Industry strength J2EE applications also make use of a LDAP for authentication instead of storing passwords in plain old database tables. They provide you the flexibility of organizing the users of your application in groups and hierarchies and their easy management.

got any idea on how to encript the datas instead of storinr it in a plain text. give us a code snipet. thank y'all for your contributions.

This question has already been answered. Start a new discussion instead.