I am writing a web app (servlet / JSP on tomcat) and wanted to know best practices / experiences for user management (logins and registration)
I am more insterested in
database design security issues (how to store the password on the server and how to send the password from the cline tover https) common mistakes
etc
Thanks --Jatin