Login Form

point me towards a toturial...

Page 1 of 1

8 Replies - 67209 Views - Last Post: 12 December 2006 - 05:32 PM Rate Topic: -----

#1 doxology15  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 5
  • Joined: 30-August 05

Login Form

Posted 13 September 2005 - 09:23 AM

I need a tutorial specifically on setting up a secure login form. It can't be in PHP or ASP, it has to be in HTML and/or Java...Anyone who knows where I can find a tutorial for this?
Is This A Good Question/Topic? 0
  • +

Replies To: Login Form

#2 Amadeus  Icon User is offline

  • g+ + -o drink whiskey.cpp
  • member icon

Reputation: 248
  • View blog
  • Posts: 13,507
  • Joined: 12-July 02

Re: Login Form

Posted 13 September 2005 - 09:26 AM

Just to be clear, it has to be a java applet or java server page?
Was This Post Helpful? 0
  • +
  • -

#3 doxology15  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 5
  • Joined: 30-August 05

Re: Login Form

Posted 13 September 2005 - 09:27 AM

a java applet...
Was This Post Helpful? 0
  • +
  • -

#4 Amadeus  Icon User is offline

  • g+ + -o drink whiskey.cpp
  • member icon

Reputation: 248
  • View blog
  • Posts: 13,507
  • Joined: 12-July 02

Re: Login Form

Posted 13 September 2005 - 09:47 AM

Hmmm...you might want to check the utilities section on Java Boutique, they may have some info or an existing login applet. If you're familiar with applet programming you can likely do one up easily enough...you probably only need a couple of fields...what are you going to verify the information against? A database? Or are you just putting the information in a cookie or javabean?
Was This Post Helpful? 0
  • +
  • -

#5 doxology15  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 5
  • Joined: 30-August 05

Re: Login Form

Posted 13 September 2005 - 10:22 AM

I was not sure whether to use a databas, cookies or javabean, so I was hoping to use whatever I could do the easiest...As I'm not a Javascript expert, it might take awhile to get the form working, but thanks!
Was This Post Helpful? 0
  • +
  • -

#6 Amadeus  Icon User is offline

  • g+ + -o drink whiskey.cpp
  • member icon

Reputation: 248
  • View blog
  • Posts: 13,507
  • Joined: 12-July 02

Re: Login Form

Posted 13 September 2005 - 10:31 AM

No problem, let us know if there is anything we can do to help...

As an FYI, those applets are in Java...java is not the same as javascript.
Was This Post Helpful? 0
  • +
  • -

#7 janakiraman  Icon User is offline

  • New D.I.C Head

Reputation: 3
  • View blog
  • Posts: 3
  • Joined: 05-December 06

Re: Login Form

Posted 11 December 2006 - 10:40 PM

View Postdoxology15, on 13 Sep, 2005 - 09:23 AM, said:

I need a tutorial specifically on setting up a secure login form. It can't be in PHP or ASP, it has to be in HTML and/or Java...Anyone who knows where I can find a tutorial for this?



Hi

Use the following codes in Netbeans you will get a Uname&pward page.Once you log in you will get the TreePanelView.
Regards
Janakiraman

Note
Username =raman
password=raman

mport java.awt.*;
import javax.swing.*;
import java.awt.event.*;

public class Frame1 extends JFrame {
private static final String text = "<html> <center><b><font size=+3>Central</font></b> <br><b><font size=+3>Manager</font></b></center> </html>";

JPanel jPanel1 = new JPanel();
BorderLayout borderLayout1 = new BorderLayout();
JLabel jLabel1 = new JLabel();
JPanel jPanel2 = new JPanel();
GridBagLayout gridBagLayout1 = new GridBagLayout();
JLabel jLabel2 = new JLabel();
JLabel jLabel3 = new JLabel();
JTextField loginTextField = new JTextField(20);
JPasswordField passwordTextField = new JPasswordField(20);
JPanel jPanel3 = new JPanel();
JButton exitButton = new JButton();
JButton enterButton = new JButton();
FlowLayout flowLayout1 = new FlowLayout();

public Frame1() {
try {
jbInit();
}
catch(Exception e) {
e.printStackTrace();
}
}

private void login(ActionEvent e) {
String login = loginTextField.getText();
String password = new String(passwordTextField.getPassword());
//validate login and password here. validity will be done by sending login/password to the server
if (login.equals("raman") && password.equals("raman")) {
System.out.println("login successfull");
showTreeView();
} else {
JOptionPane.showMessageDialog(this,"Incorrect login or password","Error",JOptionPane.ERROR_MESSAGE);
loginTextField.setText("");
passwordTextField.setText("");
loginTextField.requestFocusInWindow();
}
}

private void showTreeView() {
getContentPane().removeAll();
TreeViewPanel treeview = new TreeViewPanel();
getContentPane().add(treeview);
getContentPane().validate();
}
private void exit(ActionEvent e) {
setVisible(false);
}

public static void main(String[] args) {
Frame1 f = new Frame1();
f.setLocation(200,200);
f.pack();
f.show();
}
private void jbInit() throws Exception {
jPanel1.setLayout(borderLayout1);
jLabel1.setHorizontalAlignment(SwingConstants.CENTER);
jLabel1.setText(text);
jPanel2.setLayout(gridBagLayout1);
jLabel2.setText("Password:");
jLabel3.setText("Login:");
exitButton.setText("Exit");
exitButton.addActionListener(new java.awt.event.ActionListener() {
public void actionPerformed(ActionEvent e) {
exit(e);
}
});
enterButton.setText("Enter");
enterButton.addActionListener(new java.awt.event.ActionListener() {
public void actionPerformed(ActionEvent e) {
login(e);
}
});
jPanel3.setLayout(flowLayout1);
flowLayout1.setAlignment(FlowLayout.RIGHT);
this.getContentPane().add(jPanel1, BorderLayout.CENTER);
jPanel1.add(jLabel1, BorderLayout.NORTH);
jPanel1.add(jPanel2, BorderLayout.CENTER);
jPanel2.add(loginTextField, new GridBagConstraints(2, 1, 1, 1, 0.0, 0.0
,GridBagConstraints.CENTER, GridBagConstraints.NONE, new Insets(0, 11, 0, 0), 0, 0));
jPanel2.add(jLabel2, new GridBagConstraints(1, 2, 1, 1, 0.0, 0.0
,GridBagConstraints.CENTER, GridBagConstraints.BOTH, new Insets(11, 0, 0, 0), 0, 0));
jPanel2.add(passwordTextField, new GridBagConstraints(2, 2, 1, 1, 0.0, 0.0
,GridBagConstraints.CENTER, GridBagConstraints.NONE, new Insets(11, 11, 0, 0), 0, 0));
jPanel2.add(jLabel3, new GridBagConstraints(1, 1, 1, 1, 0.0, 0.0
,GridBagConstraints.CENTER, GridBagConstraints.BOTH, new Insets(0, 0, 0, 0), 0, 0));
jPanel1.add(jPanel3, BorderLayout.SOUTH);
jPanel3.add(enterButton, null);
jPanel3.add(exitButton, null);
}
}
 ==================================


import java.awt.*;
import javax.swing.*;

public class TreeViewPanel extends JPanel {
BorderLayout borderLayout1 = new BorderLayout();
JScrollPane jScrollPane1 = new JScrollPane();
JTree tree = new JTree();
JPanel jPanel1 = new JPanel();
JButton jButton1 = new JButton();

public TreeViewPanel() {
try {
jbInit();
}
catch(Exception ex) {
ex.printStackTrace();
}
}
void jbInit() throws Exception {
this.setLayout(borderLayout1);
jButton1.setText("Manage Group");
this.add(jScrollPane1, BorderLayout.CENTER);
jScrollPane1.getViewport().add(tree, null);
this.add(jPanel1, BorderLayout.SOUTH);
jPanel1.add(jButton1, null);
}
}

Was This Post Helpful? 1
  • +
  • -

#8 eXceed69  Icon User is offline

  • "Super Sentai Knight Of DawN"
  • member icon

Reputation: 7
  • View blog
  • Posts: 688
  • Joined: 12-November 06

Re: Login Form

Posted 11 December 2006 - 10:55 PM

next tym used [code] sytax :D
Was This Post Helpful? 0
  • +
  • -

#9 salindor  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: 46
  • View blog
  • Posts: 301
  • Joined: 10-November 06

Re: Login Form

Posted 12 December 2006 - 05:32 PM

View Postjanakiraman, on 11 Dec, 2006 - 10:40 PM, said:

View Postdoxology15, on 13 Sep, 2005 - 09:23 AM, said:

I need a tutorial specifically on setting up a secure login form. It can't be in PHP or ASP, it has to be in HTML and/or Java...Anyone who knows where I can find a tutorial for this?



Hi

Use the following codes in Netbeans you will get a Uname&pward page.Once you log in you will get the TreePanelView.
Regards
Janakiraman

Note
Username =raman
password=raman

mport java.awt.*;
import javax.swing.*;
import java.awt.event.*;

public class Frame1 extends JFrame {
private static final String text = "<html> <center><b><font size=+3>Central</font></b> <br><b><font size=+3>Manager</font></b></center> </html>";

JPanel jPanel1 = new JPanel();
BorderLayout borderLayout1 = new BorderLayout();
JLabel jLabel1 = new JLabel();
JPanel jPanel2 = new JPanel();
GridBagLayout gridBagLayout1 = new GridBagLayout();
JLabel jLabel2 = new JLabel();
JLabel jLabel3 = new JLabel();
JTextField loginTextField = new JTextField(20);
JPasswordField passwordTextField = new JPasswordField(20);
JPanel jPanel3 = new JPanel();
JButton exitButton = new JButton();
JButton enterButton = new JButton();
FlowLayout flowLayout1 = new FlowLayout();

public Frame1() {
try {
jbInit();
}
catch(Exception e) {
e.printStackTrace();
}
}

private void login(ActionEvent e) {
String login = loginTextField.getText();
String password = new String(passwordTextField.getPassword());
//validate login and password here. validity will be done by sending login/password to the server
if (login.equals("raman") && password.equals("raman")) {
System.out.println("login successfull");
showTreeView();
} else {
JOptionPane.showMessageDialog(this,"Incorrect login or password","Error",JOptionPane.ERROR_MESSAGE);
loginTextField.setText("");
passwordTextField.setText("");
loginTextField.requestFocusInWindow();
}
}

private void showTreeView() {
getContentPane().removeAll();
TreeViewPanel treeview = new TreeViewPanel();
getContentPane().add(treeview);
getContentPane().validate();
}
private void exit(ActionEvent e) {
setVisible(false);
}

public static void main(String[] args) {
Frame1 f = new Frame1();
f.setLocation(200,200);
f.pack();
f.show();
}
private void jbInit() throws Exception {
jPanel1.setLayout(borderLayout1);
jLabel1.setHorizontalAlignment(SwingConstants.CENTER);
jLabel1.setText(text);
jPanel2.setLayout(gridBagLayout1);
jLabel2.setText("Password:");
jLabel3.setText("Login:");
exitButton.setText("Exit");
exitButton.addActionListener(new java.awt.event.ActionListener() {
public void actionPerformed(ActionEvent e) {
exit(e);
}
});
enterButton.setText("Enter");
enterButton.addActionListener(new java.awt.event.ActionListener() {
public void actionPerformed(ActionEvent e) {
login(e);
}
});
jPanel3.setLayout(flowLayout1);
flowLayout1.setAlignment(FlowLayout.RIGHT);
this.getContentPane().add(jPanel1, BorderLayout.CENTER);
jPanel1.add(jLabel1, BorderLayout.NORTH);
jPanel1.add(jPanel2, BorderLayout.CENTER);
jPanel2.add(loginTextField, new GridBagConstraints(2, 1, 1, 1, 0.0, 0.0
,GridBagConstraints.CENTER, GridBagConstraints.NONE, new Insets(0, 11, 0, 0), 0, 0));
jPanel2.add(jLabel2, new GridBagConstraints(1, 2, 1, 1, 0.0, 0.0
,GridBagConstraints.CENTER, GridBagConstraints.BOTH, new Insets(11, 0, 0, 0), 0, 0));
jPanel2.add(passwordTextField, new GridBagConstraints(2, 2, 1, 1, 0.0, 0.0
,GridBagConstraints.CENTER, GridBagConstraints.NONE, new Insets(11, 11, 0, 0), 0, 0));
jPanel2.add(jLabel3, new GridBagConstraints(1, 1, 1, 1, 0.0, 0.0
,GridBagConstraints.CENTER, GridBagConstraints.BOTH, new Insets(0, 0, 0, 0), 0, 0));
jPanel1.add(jPanel3, BorderLayout.SOUTH);
jPanel3.add(enterButton, null);
jPanel3.add(exitButton, null);
}
}
 ==================================


import java.awt.*;
import javax.swing.*;

public class TreeViewPanel extends JPanel {
BorderLayout borderLayout1 = new BorderLayout();
JScrollPane jScrollPane1 = new JScrollPane();
JTree tree = new JTree();
JPanel jPanel1 = new JPanel();
JButton jButton1 = new JButton();

public TreeViewPanel() {
try {
jbInit();
}
catch(Exception ex) {
ex.printStackTrace();
}
}
void jbInit() throws Exception {
this.setLayout(borderLayout1);
jButton1.setText("Manage Group");
this.add(jScrollPane1, BorderLayout.CENTER);
jScrollPane1.getViewport().add(tree, null);
this.add(jPanel1, BorderLayout.SOUTH);
jPanel1.add(jButton1, null);
}
}



Just becareful, this program isn't secure yet, it is a start, but isn't quite there.
If I was a hacker and wanted to break the program, I would download it, and decompile it. For example http://www.kpdus.com/jad.html.

If you just send the password back to the user unencrypted, I would just snoop the wire and capture the password, then I can break in.

I am going to assume once you log in, you don't care if the information is viewable to all or not. As long as this is the case, then you can use a public key cryptosystem like El'Gamal. On the server you generate a private and public key. The public key can be exposed in your applet (either hard coded or in a configuration file doesn't matter). Then when you are ready to trasmit the password to check it, you encrypt the password with the public key. On the server side, you decrypt the password using the private key. For public key cryptosystems you want a key at least 1024 bits long. The longer the more secure.

Generation of the key is the next area where secure system fail. For example, the problem WPA encryption technology is they fail to throw away enough bits away from the intial word. Netscape version 5.5 (might be a different version, but you will get hte point regardless) had a bug where they used the system time as the see fir the randomizer-- hackers figured this out, and I was told could break any netscape 5.5 encrypted stream within milliseconds. Hackers, will think of this and try and use it. In my own tests, I figure I can only get about half a bit of randomoness per call to time, but this was prior to jdk1.5 where Java added the getNanoTime(). I have not tested it sense then. At any rate, the method linux took for generating a random number is probably best as it reads key strokes, mouse movements clicks, processor interrupts, etc etc etc, and encrypts it all. I think it is /dev/rand but I don't have a linux box in front of me to test. Supposing you don't have access to that, you can simulate the same thing, you can use one of Java's secure random functions SecureRandom (DO NOT USE Random THE VALUES CAN BE GUESSED WITH 2 SUCCESSIVE VALUES!!!!). Initialize it, read enough bytes from it to reseed it, grab a suitable non-deterministic event (keyboard stroke, mouse click, time), xor it with the seed, reseed the randomizer. Repeat once for every bit of security you want (especially if this isn't a long running random number generator, i.e. you are just generating the public key then you are throwing away the randomizer). If it is a long running randomizer, you only need todo the long seed process during startup, and doing one reseed each time you pull a value from it.

When I get some time over christmas I might try and write one; but for now I don't have the time necessary except to give you some pointers:
You might want to look at Java security tutorial, that will give a strong overview of security in Java. I didn't see anything in the titles that would help you out, but at least it will get you started on the technology.

Salindor
Was This Post Helpful? 1

Page 1 of 1