Ok to explain a bit better, in my jsp page I pass the following (am using JOGRE engine but the principle can be the same for any other client/server applet)
1 2 3 4 5 6
| <applet archive="blah.jar" code="blah.class" width="800" height="500"> <param name="username" value="steve"/> <param name="password" value="xxxxxx"/> <param name="serverhost" value="xxx.xxx.xxx.xxx"/> <param name="serverport" value="xxxx"/> </applet> |
When the user first connects to the applet their credentials are validated against the server, and if so they can play the game.
The password isn't necessary, (in jogre you can just validate against the username). Of course anyone can get the password by viewing the HTML Source Code so you need to consider this.