For a personal project, I'm creating a webapp that requires users to log
in. I'm using Spring Framework 2.5 as the application framework,
Hibernate for persistence, and Resin 3 as the application container.
Security isn't yet that much of a concern, but I'd like to make sure I'm
headed in the right direction if this ever gets off the ground.
So, I have a User class, which has username. I could store password in
this class too, but I was thinking about whether I should encrypt it/how
to encrypt it, or whether I should externalize the authentication
I don't know much about secure authentication, so any suggestions on
libraries or best practices would be appreciated. Oh, and whatever
approach I use, I need to support self-service account
Daniel Pitts' Tech Blog: < http://www.yqcomputer.com/