I'm developing a web application using Java EE 6 Web Profile. I want to e-mail a new user an activation link for his account. How should I implement this? I'm using JSF2. Is there any specification or recommended way for doing this?
I have worked on a project that required user to confirm his email-id to activate his registration. The key generation process was like this:
Key Creation
verification_key
in users
table that holds unique validation key for a user.verification_key
of that user. This will be unique (for practical purposes, I wouldn't go into probability of collision).so, bottom line, key = Base64(Hash256(uniqueUserName+"."+password))
......
side note: BTW, nothing restricts you to use password as salt. You may just create an arbitrary string on fly as salt.
Verification
verification_key
is unique, get the key
from request-parameter and find the matching row. verification_key
as null
(this will also reduce chances of collision if any) and take user to "successfully-verified page".An activation URL evokes an impression of a software service processing a 'service'-request.
Good candidates to realize this service include servlets which will perform the user activation/validation and redirect to a JSF success-page
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With