How can I implement a password-protected servlet?

niels thorwirth

Most web servers support HTTP-Authentication. Thus, once the servlet is loaded, the user has already been authenticated. You can learn more about this from: http://www.trudat.com/computer/authentication/authentication.html and http://www.trudat.com/computer/authenti.htm.

[The above technique uses browser-based authentication, which has the advantage that it's standard and well-supported across browsers, but the disadvantage of using an ugly dialog box with very little extra information. An alternate technique is to write a servlet or JSP that asks your user for his login information; this gives you a lot of control but can be tricky to implement correctly. Finally, there is FORM-based login; see What is FORM based login and how do I use it? for details on this new spec-based functionality. -Alex]