在Java中使用基本身份验证进行HTTP POST的最干净的方法是什么?
在Java中使用基本身份验证进行HTTP POST最干净的方法是什么?最干净的方法在旁观者眼里,但您可以使用URL、HttpURLConnection和身份验证程序来完成第一部分。第二部分属于单独的问题。您应该删除此问题并将其分为两部分,显示您在每一部分中所做的工作或研究。在Java中使用基本身份验证进行HTTP POST的最干净的方法是什么?,java,jakarta-ee,authentication,Java,Jakarta Ee,Authentication,在Java中使用基本身份验证进行HTTP POST最干净的方法是什么?最干净的方法在旁观者眼里,但您可以使用URL、HttpURLConnection和身份验证程序来完成第一部分。第二部分属于单独的问题。您应该删除此问题并将其分为两部分,显示您在每一部分中所做的工作或研究。 When user tries to login the application , based on the information in database pull the username and password f
When user tries to login the application , based on the information in database pull the username and password for that particular user.
1) Check whether user is present in DB , if not available then return that USER does not exists.
2)If user is present in DB the pull the password for the USER and compare that against the password which is posted by the user through html/jsp. If its same then allow the user to login else return that password is incorrect.
3)If both username and password are correct as compared to what is present in DB then allows access to home page of appliaction.
Also there are ways using XML :
Security is also maintained by making secure the web page access using the jdbc realm :
<login-config>
<auth-method>FORM</auth-method>
<realm-name>jdbcRealm</realm-name>
<form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/login.xhtml</form-error-page>
</form-login-config>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Pages</web-resource-name>
<description/>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>ADMINS</role-name>
</auth-constraint>
</security-constraint>