I'm developping a small scale application in which i use javax.naming in order to authenticate users to MS Active Directory, currently -after authentication.

I'm adding the username to the session variable and using it as a means to check whether the session is still alive in every page, if it doesnt exist i'm forwarding the unlogged user to the login page. Would this be a proper way of doing it?

xterm: that's an acceptable way.. container security unfortunately never quite made it
MXV: Would you mind elaborating on that? What do you mean by Container securit never quite made it.
Would anyone happen to know of a well designed Recordset api in which i can incorporate in my solution?

My current backend is MySQL, i'm using MySQL implemented JDBC driver in order to connect to the database.
xterm: hm? container security (google for jaas and j_security_check) is ickypoo
MXV: Thank you sir. I believe i understand what you meant.