I have a java program whith a mysql database.
the user loggs in in the breginning of the system with a username and password.
there are some functions that the normal users may not see/use. How do i know who is logged on to my system, since they only type in their login details in the beginning?

Will it be safe/Or is it the right way, to save that user in 'n temporary table in my database to see who he is, and just overwrite that entry every time some one runs the system. Or is there a way to keep that user password and username in some variable somewhere?

Coz i dont want to make my program security retarted.:S

Thank yoU!

there are some functions that the normal users may not see/use. How do i know who is logged on to my system

simple.. check the authentication in the function itself before executing the actual core part.

ex--

void authenticateUserOnly()
{
if(username and password are not valid)
return;
else
do the actual stuff;

There are different ways you can try out..

I have a java program whith a mysql database.
the user loggs in in the breginning of the system with a username and password.
there are some functions that the normal users may not see/use. How do i know who is logged on to my system, since they only type in their login details in the beginning?

Will it be safe/Or is it the right way, to save that user in 'n temporary table in my database to see who he is, and just overwrite that entry every time some one runs the system. Or is there a way to keep that user password and username in some variable somewhere?

Coz i dont want to make my program security retarted.:S

Thank yoU!

good thinker....try google.com.. u will definitely find direct answer to this question. for any specific question post here, we r here for u.....:)

I have a java program whith a mysql database.
the user loggs in in the breginning of the system with a username and password.
there are some functions that the normal users may not see/use. How do i know who is logged on to my system, since they only type in their login details in the beginning?

Will it be safe/Or is it the right way, to save that user in 'n temporary table in my database to see who he is, and just overwrite that entry every time some one runs the system. Or is there a way to keep that user password and username in some variable somewhere?

Coz i dont want to make my program security retarted.:S

Thank yoU!

I have only written a SQL Database in MS Access, but in my knowledge you could save the username and password of those that log in into a 2d array. and then from there when ever you want to check if a person has certain privileges or not by looping through the array and matching the username and password. if none is found the user is not logged in with the necessary privileges?

I'm also hazarding a guess, depending on your method you have both normal users that login in and admin users? well i would just save the admin users to a table in the database/or even in the program as a hardcoded variable(if more security is needed maybe encrypt it with a small xor function) should the database ever become compromised.

Edited 4 Years Ago by DavidKroukamp: n/a

This is probably easier than you think, but first, some clarification:
Do you mean that the user logs in to your Java application or logs in to the mysql database, or both, in which case how are the two logins related?

i Started with the project again.
the user loggs into my application which cross references their passwords with data in the mysql database

This article has been dead for over six months. Start a new discussion instead.