User Authentication

[spanishsteps]

Hello everbody,
what are the best possible ways for user authentication in java??Say,I've a user interface done in swing.Before the user presses a button,I would like to check for his credentials(password is encrypted).Never done with java before, had experience with PHP using flat files as well as databases.I dont want to use any database here.
pls point me to a nice tutorial,useful links or if somebody has a sample code.

Thanks for all your time

 

[seanmceligot]

If this is Swing, and not client/server you can keep an encrypted password in the application. Then, encrypt what the client enters and verity that the two encrypted passwords match. There are specific encryption algorithms used for this called one-way hashes.

This is not 100% secure because brute force attacks might eventually guess the password. If you need to be more secure you will have to verify the password with a server over an encrypted stream.

public class Password {
public static String encryptPassword(String password)
throws NoSuchAlgorithmException {
MessageDigest md = MessageDigest.getInstance("SHA"
md.update("salt".getBytes());
return new String(md.digest(password.getBytes()));
}
public static void main(String[] args) throws Exception {
System.out.println(encryptPassword(args[0]));
}
}

Sean McEligot