Solved

java user authentication

Posted on 2004-03-23
8
213 Views
Last Modified: 2010-03-31
Hi, I want to write efficient authentication, before I used a status variable in a mysql database to verify wether a user was an administrator or not, is this efficient, are there better methods?
0
Comment
Question by:Ronayne
  • 4
  • 4
8 Comments
 
LVL 35

Expert Comment

by:girionis
Comment Utility
Yeap this is the way you do it, unless you want to use a file instead of database. The other thing you can do is to have all roles defined in an XML file (that's how several application servers work) and then parse this XML file and find out which is administrator or not. But I'd go with the database option.
0
 

Author Comment

by:Ronayne
Comment Utility

are there any advantages of using the xml option?, how could I go abouout this?
0
 
LVL 35

Expert Comment

by:girionis
Comment Utility
The only advantage I can see is that you will not make the network trip (if db resides on a different server) to the db server and back. On the other hand processing an XML file with DOM requires more memory. I'd say it's mroe or less the same, with the database giving you the advantage of hashing the passwords as well (you can also hash them and encrypt them if you use an XML file).

> how could I go abouout this?

You basically have an XML file with all the relevant info and then you parse it (using either SAX or DOM) and get the desired information.

This is an excellent link to get you started with XML: http://www.ibiblio.org/xml/books/xmljava/
0
 

Author Comment

by:Ronayne
Comment Utility

with xml, would'nt i be better to use xindice than creating a file?,
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:Ronayne
Comment Utility

ok, im finished with this comment, what advantages are there to storing a users status - administrator or user rather than just storing the status variable in a mysql database?
0
 
LVL 35

Accepted Solution

by:
girionis earned 50 total points
Comment Utility
> with xml, would'nt i be better to use xindice than creating a file?,

xindice is also a database with the only difference that you store and retrieve your data as XML. AFAIK xindice uses XPath in order to find the appropriate XML data you need, so instead of you manualyl using XPath to do the sarching xindice does it for you.

> ok, im finished with this comment, what advantages are there to storing a users status - administrator
>or user rather than just storing the status variable in a mysql database?

The only disadvantage of using a db instead of an XML file *I* can see is the unecessary trip to the db server (if the server is on a different computer on another network).

It actually depends on how much data you have. If only a few records it could actually be faster to have the data in the XML file, load up the file and read the data.
0
 

Author Comment

by:Ronayne
Comment Utility

Thanks for all your help, that great
0
 
LVL 35

Expert Comment

by:girionis
Comment Utility
:)
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Introduction This article is the first of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article explains our test automation goals. Then rationale is given for the tools we use to a…
Introduction This article is the second of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers the basic installation and configuration of the test automation tools used by…
Viewers learn about the third conditional statement “else if” and use it in an example program. Then additional information about conditional statements is provided, covering the topic thoroughly. Viewers learn about the third conditional statement …
Viewers learn how to read error messages and identify possible mistakes that could cause hours of frustration. Coding is as much about debugging your code as it is about writing it. Define Error Message: Line Numbers: Type of Error: Break Down…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now