0

Hi im just wondering how i could improve this to make it secure from either the jsp file itself or external java files.

<html>
<head><title>JSP Page</title></head>
<body>

<jsp:useBean id="user" scope="session" class="shop.UserBean" /> 
<jsp:useBean id="dataFactory" scope="session" class="data.factory" /> 
<%
String userName = request.getParameter("userName");
String userPassword = request.getParameter("userPassword");
user.setLogin(dataFactory.getUser(userName,userPassword));
user.setUser(userName);
if (!user.getLogin()) { %> 
    <jsp:forward page="loginForm.jsp"/>
<%}%>

<jsp:forward page="orderForm.jsp" />
</body>
</html>
3
Contributors
2
Replies
3
Views
7 Years
Discussion Span
Last Post by jwenting
0

I too was actually looking for the same thing 2-3 days back as me too new to Java. You can have a look at JDBCrealm for Glassfish or Tomcat else an easier approach would be to use Authentication Filters :)

0

What "security" are you looking for here?
Is username/password not enough and you want something better?
Are you worried about credentials being transmitted in cleartext?
Are you worried about the way your credentials are stored in the database?
Or do you think something else isn't "secure enough"?

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.