File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes A question about authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "A question about authentication" Watch "A question about authentication" New topic

A question about authentication

Bob Moranski
Ranch Hand

Joined: Nov 22, 2000
Posts: 177
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class LoginHandler extends HttpServlet {
public void doPost(HttpServletRequest req, HttpServletResponse res)throws ServletException, IOException {
PrintWriter out = res.getWriter();
// Get the user's name and password
String name = req.getParameter("name");
String passwd = req.getParameter("passwd");
// Check the name and password for validity
if (!allowUser(name, passwd)) {
out.println("<HTML><HEAD><TITLE>Access Denied</TITLE></HEAD>");
out.println("<BODY>Your login and password are invalid.<BR>");
out.println("You may want to <A HREF=\"/login.html\">try again</A>");
else {
// Valid login. Make a note in the session object.
HttpSession session = req.getSession(true);
session.putValue("logon.isDone", name);
// just a marker object
// Try redirecting the client to the page
//he first tried to access
<font color=red> try {
String target = (String) session.getValue("");
if (target != null)
catch (Exception ignored) { }</font>
// Couldn't redirect to the target.
//Redirect to the site's home page.
res.sendRedirect(req.getScheme() + "://" +
req.getServerName() + ":" + req.getServerPort());
protected boolean allowUser(String user, String passwd) {
return true; // trust everyone
Hi, I have a question about the above code. A person that tries to log in for the first time will have "taget" to be null. So, for a first timer, "target" will always be null, and there is no way to get around it to get a valid link?
Can someone please explain this to me?
ray bond
Ranch Hand

Joined: Oct 11, 2000
Posts: 111
you have to pass target value in parameter to servlet ,
based on that parameter get string and then send redirect.
Bob Moranski
Ranch Hand

Joined: Nov 22, 2000
Posts: 177
This servlet is called by a HTML page that has only two parameters, name and passwd. So...
I agree. Here's the link:
subject: A question about authentication
It's not a secret anymore!