Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

I need to create a login page for a website that would save the credentials for the users

Posted on 2011-05-12
3
Medium Priority
?
278 Views
Last Modified: 2012-08-13
I need to create a login page for a website that would save the credentials for the users in a cookie and then take the user credentials information out of the cookie and pass to an application via command line argument.

I don’t know if this is the right way to go about it that is why I am asking.

Most of the site is written in JSP and HTML.

should I get the database involved in this project ( ms sql )
0
Comment
Question by:1030071002
3 Comments
 
LVL 20

Assisted Solution

by:n2fc
n2fc earned 668 total points
ID: 35748687
Cookies are stored on the CLIENT side, not the server...

The only reasons you might need to involve a database is if:
+ You are validating the credentials when setting the cookie, and that required a database access.

Otherwise, if you are just storing the info on the client side (as a cookie) I see no need for a database!

Two things you might also add...
1) Encrypt the credentials in the cookie
2) A "logoff" function to clear the cookie (or possibly a time limit on the validity of the cookie)...

0
 
LVL 23

Assisted Solution

by:cmalakar
cmalakar earned 664 total points
ID: 35748798
>>I need to create a login page for a website that would save the credentials for the users in a cookie

Complete security risk. You should not store credentials in cookies

>> then take the user credentials information out of the cookie and pass to an application via command line argument.

Why can't the credentials be sent in the request ?

>>should I get the database involved in this project ( ms sql )

If you application doesn't have any other database dependency, then better you just use one file to store the credentials, and use that during validation. If your application already has a database for its functionality, then better to use the database to storing the credentials.
0
 

Accepted Solution

by:
mayank_java earned 668 total points
ID: 35775099
n2fc is absolutely right. we cant store password in cookies because cookies exist on browser.

you should use either DB or you can store your password in the property file for a single user and compare while logging.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Building a website can seem like a daunting task to the uninitiated but it really only requires knowledge of two basic languages: HTML and CSS.
This article explains how to prepare an HTML email signature template file containing dynamic placeholders for users' Azure AD data. Furthermore, it explains how to use this file to remotely set up a department-wide email signature policy in Office …
In this tutorial viewers will learn how to style a corner ribbon overlay for an image using CSS Create a new class by typing ".Ribbon":  Define the class' "display:" as "inline-block": Define its "position:" as "relative": Define its "overflow:" as …
The viewer will learn the benefit of using external CSS files and the relationship between class and ID selectors. Create your external css file by saving it as style.css then set up your style tags: (CODE) Reference the nav tag and set your prop…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question