The easy way in a servlet : Make a login servlet where the doGet() just prints a login form. The servlet has to be accessed over https so that noone can pick username/password. To ensure this you can make a test in the doGet() and doPost(): if request.isSecure()...
Now you have the username and password. Do whatever you wan't with it, but to know one user from another use session variables. HttpSession session= request.getSession(true); check the username password against the username password in the sessionvariables. If not there you can set them. Sessionvariables time out after 30 min (configurable in server.xml?) �yvind �yvind Vestavik �vre M�llenberggt 44b 7014 Trondheim [EMAIL PROTECTED] 41422911 On Mon, 22 Apr 2002, Vladimir Vanyukov wrote: > I have seen this question here many times and have seen many answers but > most of them never really ANSWERED the question. So I figured I'd ask > one more time. Is there anyway to programmatically authenticate users? > > Example: > If I have s simple username/password form somewhere on an unprotected > page, how do I use that information (assuming the user filled it out and > submitted it) to allow him to view protected pages? > > > -- > To unsubscribe: <mailto:[EMAIL PROTECTED]> > For additional commands: <mailto:[EMAIL PROTECTED]> > Troubles with the list: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
