Securing Web Applications - Project

Introduction

To counter security threats, you can implement different security techniques, such as:
- Authentication: Identifies a user.
- Authorization: Specifies the rights assigned to an authenticated user to access resources of a Web application.
- Data Integrity: Ensures that data is not modified while being transferred between the server and the client.
- Auditing: Secures Web applications by maintaining a record of the rights assigned to different types of Web users.

CLICK HERE to download this complete example (zip file)

Creating a Servlet for Form-Based Authentication (LoginSuccess.java)

import javax.servlet.*;

import javax.servlet.http.*;

import java.io.*;

public class LoginSuccess extends HttpServlet

{

public void doGet(HttpServletRequest request, HttpServletResponse response)

{

Try

{

response.setContentType("text/html");

PrintWriter display = response.getWriter();

display.println("<html><body>");

display.println("Thank you, You have been successfully authenticated using form-based authentication.");

display.println("</body></html>");

display.close();

}

catch(Exception exc)

{

exc.printStackTrace();

}

}

Download: LoginSuccess.java

Creating a Login Form (login.html)

Note: Here, use j_security_check, j_username, j_password. This predefined names and are used by the Application server

<html>

<head>

<title>

Form-based Login Authentication

</title>

</head>

<h2>Please Login to Authenticate Yourself</h2>

<table>

<tr>

</tr>

<tr>

<td>Password: </td>

</tr>

<tr>

</tr>

</table>

</form>

</center>

</body>

</html>

Download: login.html

Creating an Error Page (error.html)

<html>

<head>

<title>

Error in Authentication

</title>

</head>

<h3><center>Sorry, your Authentication failed. </center></h3>

</body>

</html>

Download: error.html

Click Next To Continue ...

<- PREVIOUS

NEXT ->

Complete J2EE Step-By-Step Tutorials with Examples

Securing Web Applications - Project