my dog learned polymorphism*
The moose likes JSP and the fly likes Login Validation In JSP Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Login Validation In JSP" Watch "Login Validation In JSP" New topic
Author

Login Validation In JSP

viral patel
Greenhorn

Joined: Feb 25, 2003
Posts: 16
Hello,
I'm new at JSP. I'm trying to do login validation from jsp page. I have two jsp page. one is try.jsp Which will create login form it will send to test.jsp. Where test.jsp will check the username and password from database. and if it is right then forword it to page useraccount.jsp and if not then to form.jsp But when put information it gives error saying it cant disply page.
here is my code
try.jsp
<HTML>
<HEAD>
<center>
<br><br>
<p>
<h1> <FONT FACE="Helvetica" color="#3399FF"><u> Login </u></font> </h1>
</p><br><br>
</center>
<p>
<font face="Helvetica">
<form action="test.jsp" Method="POST">
<form method="POST" action="j_security_check">
<table border="0" bgcolor=#eeeeee align=center cellspacing=10>
<tr>
<TR>
<TD VALIGN=TOP ALIGN=RIGHT>
<B>User Name:</B>
</TD>
<TD VALIGN=TOP>
<B><INPUT NAME = "userName"
TYPE = "TEXT"
MAXLENGTH = "10"
SIZE = "10"></B>
</TD>
</TR>
<TR>
<TD VALIGN=TOP ALIGN=RIGHT>
<B>Password:</B>
</TD>
<TD VALIGN=TOP>
<B><INPUT NAME = "password"
TYPE = "Password"
MAXLENGTH = "6"
SIZE = "6"></B>
</TD>
</TR>
<TR>
<TD VALIGN=CENTER>
<B><INPUT VALUE= " Log In "
TYPE= "SUBMIT"></B>
</TD>
</TR>
</TABLE>
</FORM>
</BODY>
</HTML>
//TEST.jsp//
<%@ page import="java.util.*" %>
<%@ page import="java.sql.*" %>
<%
String connURL = "jdbc racle:thin:@orca.csc.ncsu.edu:1521 RCL";
Connection conn = null;
Statement stmt = null;
ResultSet rs = null;
try{
Class.forName("oracle.jdbc.driver.OracleDriver").newInstance();
conn = DriverManager.getConnection(connURL, "vapatel","pjdas");
stmt = conn.createStatement();
String user;
String password;
String userName=request.getParameter("userName");
String secretWord=request.getParameter("secretWord");
rs =stmt.executeQuery ("SELECT * FROM Login WHERE USERNAME ='"+userName+"' AND PASSWORD='"+secretWord+"'");
while(rs.next()){
String dbUser = rs.getString("USERNAME");
String dbPassword= rs.getString("PASSWORD");
boolean entrance;
entrance=false;

if ((user.equals(dbUser)) && (password.equals(dbPassword))){
entrance=true;
}
else{
entrance=false;
}
if (entrance==true){%>
<jsp:forward page="Useraccount.jsp"/> <%}
else{%>
<jsp:forward page="form.jsp"/> <%}
}
} catch (ClassNotFoundException e) {
System.err.println("Couldn't find the mm " + "database driver: "+ e.getMessage());
} catch (InstantiationException e) {
System.err.println(e.getMessage());
} catch (IllegalAccessException e) {
System.err.println(e.getMessage());
} catch (SQLException e) {
System.err.println("SQL problem: " + e.getMessage());
System.err.println("SQL state: " + e.getSQLState());
System.err.println("Vendor error: " + e.getErrorCode());
} finally {
try {
if (conn != null) {
conn.close();
}
} catch (SQLException e) {
System.err.println(e.getMessage());
}
}


%>
</body>
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

The second page should not display anything. It should not forward to the required resource. Idealy it would be a servlet, but it should just process the user details then use a request.sendRedirect to redirect to the desited page.
The difference is that it 'disconnects' the two pages. HTTP is based on a request and a response. In your case, the request contains the user details, and the response is the display page. If you want to reload the display page, you end up sending the authentication details and logging in again!
Send redirect uses a HTTP 'this is not the page you are looking for' trick. You send a request containing the authentication details to the login servlet (try not to think of it as a 'page'). The login servlet says "I've processed this, but I'm not prepared to respond."
It sends a message back to the browser to look to the display page. The URL in the browser changes to this new page and a new request is sent. The server then responds with the display page.
The advantage here is that if they reload the display page, the request is sent to the display page and not the login servlet.
This wasn't quite what you asked, but I hope it answers your question anyway.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Login Validation In JSP