my dog learned polymorphism
The moose likes JDBC and Relational Databases and the fly likes form Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Databases » JDBC and Relational Databases
Bookmark "form Authentication" Watch "form Authentication" New topic

form Authentication

leo oke

Joined: Jul 09, 2007
Posts: 21
I want to Authenticate a user form using struts and mysql, I've got the jsp,
Formbean ,but the mysql logic is problem .What's the solution on the sql side to check the user?

part code

<html:form action="/login">
<table width="100%" border="0" cellspacing="2" cellpadding="0">
<td colspan="2">

<td width="15%">Enter your name:</td>
<td width="85%">
<html:text property="name" size="25" maxlength="50"

Formbean code

public class LoginForm extends org.apache.struts.validator.ValidatorForm{

private String name = null;

private String result ;

public void setName(String name) { = name;

public String getName() {
return name;

public void setResult(String result) {
this.result = result;

public String getResult() {
return result;

Paul Sturrock

Joined: Apr 14, 2004
Posts: 10336

Hmm. What is your authentication logic? And what entity are you authenticating against?

Its difficult to give much more than general advice without a more specific question I'm afraid. What are you stuck on?

JavaRanch FAQ HowToAskQuestionsOnJavaRanch
leo oke

Joined: Jul 09, 2007
Posts: 21
here's part code..

conn = DriverManager.getConnection
String admnName = request.getParameter("admin_name") ; // Get
the User Name
String admnPwd = request.getParameter("admin_password") ;
statement = conn.createStatement();
String Query = ("select * from admin " ) ;
rs = statement.executeQuery(Query);
admn = rs.getString(1);
pwd = rs.getString(2);
if( (admnName.equals(admn)) && (admnPwd.equals(pwd)))
{ %>
<jsp:forward page="selectTable.jsp?butType=normal"/>
<% } %>
<% if( (admnName != admn) && (admnPwd !=pwd ))
{ %>
<jsp:forward page="index.jsp">
<jsp:param name="errMsg"
value="Sorry Your UserName and Password is Mismatch" />
<% } %>
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
Can there possibly be more than one admin in the DB? I'm asking because the code loops through all results, and only then executes the JSP code that tests the username and password. So effectively it only looks at the last record from the DB, not all of them.

Another point is that you're only handling the cases of either a match in both username and password, or in neither of them. What should happen if the usernames match, but not the passwords (or vice versa)?
I agree. Here's the link:
subject: form Authentication
jQuery in Action, 3rd edition