I need to create a login page for a website that would save the credentials for the users

I need to create a login page for a website that would save the credentials for the users in a cookie and then take the user credentials information out of the cookie and pass to an application via command line argument.

I don’t know if this is the right way to go about it that is why I am asking.

Most of the site is written in JSP and HTML.

should I get the database involved in this project ( ms sql )
1030071002Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

n2fcCommented:
Cookies are stored on the CLIENT side, not the server...

The only reasons you might need to involve a database is if:
+ You are validating the credentials when setting the cookie, and that required a database access.

Otherwise, if you are just storing the info on the client side (as a cookie) I see no need for a database!

Two things you might also add...
1) Encrypt the credentials in the cookie
2) A "logoff" function to clear the cookie (or possibly a time limit on the validity of the cookie)...

0
cmalakarCommented:
>>I need to create a login page for a website that would save the credentials for the users in a cookie

Complete security risk. You should not store credentials in cookies

>> then take the user credentials information out of the cookie and pass to an application via command line argument.

Why can't the credentials be sent in the request ?

>>should I get the database involved in this project ( ms sql )

If you application doesn't have any other database dependency, then better you just use one file to store the credentials, and use that during validation. If your application already has a database for its functionality, then better to use the database to storing the credentials.
0
mayank_javaCommented:
n2fc is absolutely right. we cant store password in cookies because cookies exist on browser.

you should use either DB or you can store your password in the property file for a single user and compare while logging.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
JSP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.