Create a Simple Login Web Application with Encrypted Password in Java

Building a web application with encrypted password can be a challenging task in Java. Let’s simplify this process and look into how to create a simple login web application with encrypted password using JSP and Servlets. Powered by advanced technological developments, our state-of-the-art login system grants access privileges exclusively to registered users via unique log-in credentials that are carefully verified before granting restricted entry into secure areas on our website infrastructure. Integrating with JDBC (Java DataBase Connectivity), we're ensuring industry-standard secure storage of sensitive customer details within our project's backend that strictly complies with recognised server security best-practices that stress over utmost data safety while offering convenience in processing log-in requests more seamlessly than ever before.

Discover everything about creating Java-web-technology-based robust sign-up protocols confidently through this easy-to-understand guide today!

Setting Up the Development Environment

Embarking on an effective implementation process requires establishing an adequate pre-development setup initially. Therefore before proceeding any further ,it's crucial to secure a Java integrated development environment(Ide)which can either be Eclipse or IntelliJ IDEA. It's necessary to mention that, without this Ide, it might be impossible to move forward. Additionally, Apache Tomcat which is an open-source web server known for supporting JSP and Servlets must not be neglected. While building dynamic web pages, this software provides robust backing. Note that, JSP files although similar to HTML files in appearance, are in reality quite different due to their ability to contain Java codes and generate HTML dynamically.

Implementation of Login Web Application with Encryption in Java

The program will used the following technologies for building an encrypted web login page.

  • Servlets and JSP for creating a dynamic web application

  • Java for programming the logic of the application

  • HTTP protocol for client-server communication

  • HTML and CSS for creating the web pages and styling them

  • Encryption algorithm (SHA-256) for encrypting the password before storing it in the database.


  • Set up the development environment.

  • Create a login page using HTML and JSP.

  • Handle login requests using a Servlet.

  • Create a dashboard page using HTML and JSP.

  • Store user information in a database using JDBC

Code Base for Login Web Application in Java

Achieving success with this project heavily relies on having a well equipped development environment complete with both Servlet API and JSP API pre installed. These essential tools belong to Java Enterprise Edition (Java EE) readily available for download on Oracles official website. Take some time beforehand to set up adequately for a seamless implementation process!

Creating a Login Page


import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class LoginServlet extends HttpServlet {

   public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
         PrintWriter out = response.getWriter();

         String username = request.getParameter("username");
         String password = request.getParameter("password");

         if (username.equals("user") && password.equals("password")) {
            HttpSession session = request.getSession(true);
            session.setAttribute("currentSessionUser", username);
         } else {
            out.println("<html><body><font color='red'>Invalid login details. Please try again.</font></body></html>");
            RequestDispatcher rd = request.getRequestDispatcher("login.jsp");
            rd.include(request, response);

The code implements a basic login servlet using the HTTPServlet class provided by the Servlet API. It takes in a username and password, checks them against a hardcoded value, and either grants access to a welcome page or displays an error message.

Adding a Password Encryption



public class EncryptionUtil {
   public static String encrypt(String plaintext) {
      try {
         MessageDigest md = MessageDigest.getInstance("SHA-256");
         byte[] hashedBytes = md.digest(plaintext.getBytes());
         StringBuilder sb = new StringBuilder();
         for (byte b : hashedBytes) {
            sb.append(Integer.toString((b & 0xff) + 0x100, 16).substring(1));
            return sb.toString();
      } catch (NoSuchAlgorithmException e) {
      return null;

Using the SHA-256 algorithm, this script offers a convenient means of encrypting passwords. It enables the safekeeping of passwords in databases or any other storage platform.

You will need to install and configure the necessary Servlet API and JSP API to run these code smoothly in your system. Following that, a login page can be devised in JSP that transmits data to the LoginServlet. After that, the input is then processed by LoginServlet, which determines if access is granted or not.


Great! Now, you’ve gained an understanding on the creation and implementation of a secure login system using Java.

Fundamentally, user authentication is imperative for the heightened security of any web application. The encrypted password feature that we've implemented ensures that unauthorized users will face considerable challenges in accessing sensitive information.

As with everything concerning security, it is crucial to note that consistent improvement is necessary, so ongoing learning and staying updated with current best practices are crucial. Always keep security in mind.

Updated on: 28-Jul-2023


Kickstart Your Career

Get certified by completing the course

Get Started