aspose file tools*
The moose likes Servlets and the fly likes authentication page Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Soft Skills this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "authentication page" Watch "authentication page" New topic
Author

authentication page

roy ramos
Greenhorn

Joined: Nov 17, 2009
Posts: 26
Hi, can anyone help me with this code i'm new in programming, when i try this code it always prompt me "You are not an authentic person" but the user name and password that i use to login is correct, can somebody help to check where can i go wrong

here is the jsp file Authentication.jsp



here is the servlet Authentication.java



here is my web.xml


need help really really need help


-roy
Andrew Monkhouse
author and jackaroo
Marshal Commander

Joined: Mar 28, 2003
Posts: 11524
    
100

2 suggestions:
  • Ask a question. I do not know if you are having a problem with your JSP, your servlet, or your web.xml file. Or whether your problem is unrelated to any of these - perhaps it is a JDBC issue, or an SQL issue. You have not said what exactly you would like help with
  • UseCodeTags (click the link to find out more). Please click the button to go back and edit your post and add the code tags.


  • The Sun Certified Java Developer Exam with J2SE 5: paper version from Amazon, PDF from Apress, Online reference: Books 24x7 Personal blog
    Aditya Keyal
    Ranch Hand

    Joined: Dec 01, 2008
    Posts: 71
    1) For starters log the values of password and username that you have retrieved from the database. They are an obvious mismatch from the input values thats why you are not being authenticated.

    2) You are retrieving all the rows from your database table. Which means that even if your password and username is correct but there are more than one sets of correct username's and passwords your program has a high chance of not working.
    So retrieve a row using the specific username in the WHERE clause. It will help.

    3) Also preferred is that you should log the values you have retrieved from the request scope by first reading them into a string variable.


    - Aditya Webservices Blog
    roy ramos
    Greenhorn

    Joined: Nov 17, 2009
    Posts: 26
    Sir Aditya,

    I only have 1 entry on my testing database
    Deepak Bala
    Bartender

    Joined: Feb 24, 2006
    Posts: 6662
        
        5

    What is the user name and password you get from the request ? Log it

    What is the user name and password you get from the database ? Log it

    Compare both. Of course you will have to remove the logs after you are done


    SCJP 6 articles - SCJP 5/6 mock exams - More SCJP Mocks
    Aditya Keyal
    Ranch Hand

    Joined: Dec 01, 2008
    Posts: 71
    Also can you check the server logs. I have a feeling your database call might be failing but is getting caught in the catch-block and absorbed. Check your server logs first to confirm if you have any errors.
    Andrew Monkhouse
    author and jackaroo
    Marshal Commander

    Joined: Mar 28, 2003
    Posts: 11524
        
    100

    First some general comments:

    You are not using the ServletConfig in the code you presented - while not causing a problem, it is generally considered a good thing to only have the minimum code needed to solve your problem (or to demonstrate your problem).

    The code:is creating a new String object on a static String object. So at the end of running those lines of code, you will have 3 instances of the "" string - not very efficient. For your purposes, you could get away with

    You are potentially leaking connections to your database since you are not closing the Connection you have created. In addition, if there is any exception in any part of your code you will potentially also leak the ResultSet and the Statement. You should change the logic to use a try...catch...finally block. For example:

    Side note: most people who are dealing directly with databases like this (rather than using a framework), tend to have a utility class that has methods for each of these, such as "closeResultSet", "closeStatement" and "closeConnection". They often also have multiple overriden "close" methods that then close whatever they are passed, even if they are passed multiple objects and/or alternating orders of objects.

    You might also want to think about whether you really want to be opening and closing your connection (and loading your JDBC driver) every time you process a user request - lines 21,22,24,25,29 and 31 might be better in your init method (and loading the database configuration details based on the ServletConfig is generally considered a good thing).

    In the code I showed above I have followed your convention of sending error information to standard out and standard error. This is not a good idea - depending on how your system is configured you may not ever see it. You really should learn to use the logger and send your log message to a guaranteed location.

    I suspect that the problem is with your database code, not your web based code. You could test this quite easily by changing your doPost method to work without DB connectivity. For example:

    See if you can login with the hard coded credentials there. If you can, then the problem is in the database code, and we can address that separately.
    roy ramos
    Greenhorn

    Joined: Nov 17, 2009
    Posts: 26
    first of all thank you very very much for all of you who respond to this topic

    Sir Andrew, i tried you're hard coded credentials and it able to proceed successfully
    Aditya Keyal
    Ranch Hand

    Joined: Dec 01, 2008
    Posts: 71
    Good so that pretty much solves your problem. There is an error in the database retrieval of the username and password. Please look into the server logs, identify the issue and then go ahead and solve it / log it in the correct forum.
     
    I agree. Here's the link: http://aspose.com/file-tools
     
    subject: authentication page