I have a java servlet web application. In the application I have two authorization logics:
1. Authorization via username and password – standard login via a web form with username and password which the user fills in.
2. Authorization via cookies. Once the user fills in username and password and checks a checkbox ‘remember me’, after this he shouldn’t have to enter username/password.
I have a question about option number two (cookies). At the moment the logic is: I check if the user checked ‘remember me’, get his username and password hash, and store them in cookies (two cookies: username, password). But I think that this way is not secure, because somebody can steal the cookies and get access to the web app.
The question is: what is the most secure way to authorize a user via cookies? What should I store in the cookies?
If you are using HTTPS (which you should be), no one can “steal” the cookies unless they get that information from the person’s actual computer. Just make sure that once the user is logged in they do not access the page with a normal HTTP request, or your cookie data will be exposed.
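A safer shape for the ‘remember me’ cookie than username plus password hash, as an added example that is not part of the question or the answer above: the cookie carries a random selector:validator pair, the server keeps only a hash of the validator, and the cookie is flagged HttpOnly and Secure so the browser enforces the HTTPS-only point made in the answer. It assumes the javax.servlet API and stands a HashMap in for the database table; a real implementation would also persist the table and store an expiry per token.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import javax.servlet.http.Cookie;

public class RememberMe {
    private static final SecureRandom RNG = new SecureRandom();
    // Server-side table: selector -> {username, SHA-256(validator)}.
    // A HashMap stands in for the database table a real application would use.
    private final Map<String, String[]> store = new HashMap<>();

    /** Issue a fresh token for the user and build the cookie that carries it. */
    public Cookie issue(String username) {
        String selector = randomToken(12);   // lookup key, not secret
        String validator = randomToken(32);  // the secret; only its hash is stored
        store.put(selector, new String[] { username, sha256(validator) });
        Cookie c = new Cookie("remember_me", selector + ":" + validator);
        c.setHttpOnly(true);          // not readable by page scripts
        c.setSecure(true);            // only sent over HTTPS
        c.setPath("/");
        c.setMaxAge(30 * 24 * 3600);  // 30 days
        return c;
    }

    /** Return the username for a valid cookie value, or null if it is not valid. */
    public String authenticate(String cookieValue) {
        int sep = cookieValue == null ? -1 : cookieValue.indexOf(':');
        if (sep < 0) return null;
        String[] row = store.get(cookieValue.substring(0, sep));
        if (row == null) return null;
        byte[] expected = row[1].getBytes(StandardCharsets.US_ASCII);
        byte[] actual = sha256(cookieValue.substring(sep + 1)).getBytes(StandardCharsets.US_ASCII);
        // Constant-time comparison of the stored hash against the presented validator's hash.
        return MessageDigest.isEqual(expected, actual) ? row[0] : null;
    }

    /** Drop a token on logout so a previously copied cookie stops working. */
    public void revoke(String selector) { store.remove(selector); }

    private static String randomToken(int numBytes) {
        byte[] b = new byte[numBytes];
        RNG.nextBytes(b);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(b);
    }

    private static String sha256(String s) {
        try {
            byte[] d = MessageDigest.getInstance("SHA-256").digest(s.getBytes(StandardCharsets.UTF_8));
            return Base64.getUrlEncoder().withoutPadding().encodeToString(d);
        } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); }
    }
}
```

Because the server stores only the hash of the validator, a copy of the table does not yield working cookies, and because the cookie never contains the password hash, a stolen cookie can be revoked without touching the user's password.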