Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Login Validation In JSP

 
viral patel
Greenhorn
Posts: 16
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,
I'm new at JSP. I'm trying to do login validation from jsp page. I have two jsp page. one is try.jsp Which will create login form it will send to test.jsp. Where test.jsp will check the username and password from database. and if it is right then forword it to page useraccount.jsp and if not then to form.jsp But when put information it gives error saying it cant disply page.
here is my code
try.jsp
<HTML>
<HEAD>
<center>
<br><br>
<p>
<h1> <FONT FACE="Helvetica" color="#3399FF"><u> Login </u></font> </h1>
</p><br><br>
</center>
<p>
<font face="Helvetica">
<form action="test.jsp" Method="POST">
<form method="POST" action="j_security_check">
<table border="0" bgcolor=#eeeeee align=center cellspacing=10>
<tr>
<TR>
<TD VALIGN=TOP ALIGN=RIGHT>
<B>User Name:</B>
</TD>
<TD VALIGN=TOP>
<B><INPUT NAME = "userName"
TYPE = "TEXT"
MAXLENGTH = "10"
SIZE = "10"></B>
</TD>
</TR>
<TR>
<TD VALIGN=TOP ALIGN=RIGHT>
<B>Password:</B>
</TD>
<TD VALIGN=TOP>
<B><INPUT NAME = "password"
TYPE = "Password"
MAXLENGTH = "6"
SIZE = "6"></B>
</TD>
</TR>
<TR>
<TD VALIGN=CENTER>
<B><INPUT VALUE= " Log In "
TYPE= "SUBMIT"></B>
</TD>
</TR>
</TABLE>
</FORM>
</BODY>
</HTML>
//TEST.jsp//
<%@ page import="java.util.*" %>
<%@ page import="java.sql.*" %>
<%
String connURL = "jdbc racle:thin:@orca.csc.ncsu.edu:1521 RCL";
Connection conn = null;
Statement stmt = null;
ResultSet rs = null;
try{
Class.forName("oracle.jdbc.driver.OracleDriver").newInstance();
conn = DriverManager.getConnection(connURL, "vapatel","pjdas");
stmt = conn.createStatement();
String user;
String password;
String userName=request.getParameter("userName");
String secretWord=request.getParameter("secretWord");
rs =stmt.executeQuery ("SELECT * FROM Login WHERE USERNAME ='"+userName+"' AND PASSWORD='"+secretWord+"'");
while(rs.next()){
String dbUser = rs.getString("USERNAME");
String dbPassword= rs.getString("PASSWORD");
boolean entrance;
entrance=false;

if ((user.equals(dbUser)) && (password.equals(dbPassword))){
entrance=true;
}
else{
entrance=false;
}
if (entrance==true){%>
<jsp:forward page="Useraccount.jsp"/> <%}
else{%>
<jsp:forward page="form.jsp"/> <%}
}
} catch (ClassNotFoundException e) {
System.err.println("Couldn't find the mm " + "database driver: "+ e.getMessage());
} catch (InstantiationException e) {
System.err.println(e.getMessage());
} catch (IllegalAccessException e) {
System.err.println(e.getMessage());
} catch (SQLException e) {
System.err.println("SQL problem: " + e.getMessage());
System.err.println("SQL state: " + e.getSQLState());
System.err.println("Vendor error: " + e.getErrorCode());
} finally {
try {
if (conn != null) {
conn.close();
}
} catch (SQLException e) {
System.err.println(e.getMessage());
}
}


%>
</body>
 
David O'Meara
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The second page should not display anything. It should not forward to the required resource. Idealy it would be a servlet, but it should just process the user details then use a request.sendRedirect to redirect to the desited page.
The difference is that it 'disconnects' the two pages. HTTP is based on a request and a response. In your case, the request contains the user details, and the response is the display page. If you want to reload the display page, you end up sending the authentication details and logging in again!
Send redirect uses a HTTP 'this is not the page you are looking for' trick. You send a request containing the authentication details to the login servlet (try not to think of it as a 'page'). The login servlet says "I've processed this, but I'm not prepared to respond."
It sends a message back to the browser to look to the display page. The URL in the browser changes to this new page and a new request is sent. The server then responds with the display page.
The advantage here is that if they reload the display page, the request is sent to the display page and not the login servlet.
This wasn't quite what you asked, but I hope it answers your question anyway.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic