• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 225
  • Last Modified:

java user authentication

Hi, I want to write efficient authentication, before I used a status variable in a mysql database to verify wether a user was an administrator or not, is this efficient, are there better methods?
0
Ronayne
Asked:
Ronayne
  • 4
  • 4
1 Solution
 
girionisCommented:
Yeap this is the way you do it, unless you want to use a file instead of database. The other thing you can do is to have all roles defined in an XML file (that's how several application servers work) and then parse this XML file and find out which is administrator or not. But I'd go with the database option.
0
 
RonayneAuthor Commented:

are there any advantages of using the xml option?, how could I go abouout this?
0
 
girionisCommented:
The only advantage I can see is that you will not make the network trip (if db resides on a different server) to the db server and back. On the other hand processing an XML file with DOM requires more memory. I'd say it's mroe or less the same, with the database giving you the advantage of hashing the passwords as well (you can also hash them and encrypt them if you use an XML file).

> how could I go abouout this?

You basically have an XML file with all the relevant info and then you parse it (using either SAX or DOM) and get the desired information.

This is an excellent link to get you started with XML: http://www.ibiblio.org/xml/books/xmljava/
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
RonayneAuthor Commented:

with xml, would'nt i be better to use xindice than creating a file?,
0
 
RonayneAuthor Commented:

ok, im finished with this comment, what advantages are there to storing a users status - administrator or user rather than just storing the status variable in a mysql database?
0
 
girionisCommented:
> with xml, would'nt i be better to use xindice than creating a file?,

xindice is also a database with the only difference that you store and retrieve your data as XML. AFAIK xindice uses XPath in order to find the appropriate XML data you need, so instead of you manualyl using XPath to do the sarching xindice does it for you.

> ok, im finished with this comment, what advantages are there to storing a users status - administrator
>or user rather than just storing the status variable in a mysql database?

The only disadvantage of using a db instead of an XML file *I* can see is the unecessary trip to the db server (if the server is on a different computer on another network).

It actually depends on how much data you have. If only a few records it could actually be faster to have the data in the XML file, load up the file and read the data.
0
 
RonayneAuthor Commented:

Thanks for all your help, that great
0
 
girionisCommented:
:)
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now