java login system

I am trying to make a multi user login system for my java program, at the moment i am compairing the username and password to md5 hashes stored in a text file. I would like to be able to geive different users different access wrights to the program, using the system i am using at the moment the accesablility would be easy to change if the text file was opend. Is there a way I could encrypt the text in the file and then unencrypt it when the user loggs in??? 开发者_开发百科Thanks

You can take a look at this comprehensive Java Cryptography guide. However, I think that you would be better off with a database to store the username and password since a text file could be easily deleted or modified. Encrypting it only makes it tougher to read.

Please take a look here and here to learn about JDBC. If you want a more robust framework, you can use and ORM like hibernate. The links I have posted refer to MySQL. It is a very popular Database server and integrates well with Java. You shouldn't have any problems finding tutorials or any kind of help with MySQL.

Also have a look at JAAS to restrict access to your services (e.g. based on roles).

Md5 is a one way hash algorithmic you cant decrypt it back , best way is to compare the encrypted string to validate things

Does this help:

Java - encrypt / decrypt user name and password from a configuration file