Hi, can anyone help me with this code i'm new in programming, when i try this code it always prompt me "You are not an authentic person" but the user name and password that i use to login is correct, can somebody help to check where can i go wrong
Ask a question. I do not know if you are having a problem with your JSP, your servlet, or your web.xml file. Or whether your problem is unrelated to any of these - perhaps it is a JDBC issue, or an SQL issue. You have not said what exactly you would like help with
UseCodeTags (click the link to find out more). Please click the button to go back and edit your post and add the code tags.
1) For starters log the values of password and username that you have retrieved from the database. They are an obvious mismatch from the input values thats why you are not being authenticated.
2) You are retrieving all the rows from your database table. Which means that even if your password and username is correct but there are more than one sets of correct username's and passwords your program has a high chance of not working.
So retrieve a row using the specific username in the WHERE clause. It will help.
3) Also preferred is that you should log the values you have retrieved from the request scope by first reading them into a string variable.
Also can you check the server logs. I have a feeling your database call might be failing but is getting caught in the catch-block and absorbed. Check your server logs first to confirm if you have any errors.
author and jackaroo
You are not using the ServletConfig in the code you presented - while not causing a problem, it is generally considered a good thing to only have the minimum code needed to solve your problem (or to demonstrate your problem).
The code:is creating a new String object on a static String object. So at the end of running those lines of code, you will have 3 instances of the "" string - not very efficient. For your purposes, you could get away with
You are potentially leaking connections to your database since you are not closing the Connection you have created. In addition, if there is any exception in any part of your code you will potentially also leak the ResultSet and the Statement. You should change the logic to use a try...catch...finally block. For example:
Side note: most people who are dealing directly with databases like this (rather than using a framework), tend to have a utility class that has methods for each of these, such as "closeResultSet", "closeStatement" and "closeConnection". They often also have multiple overriden "close" methods that then close whatever they are passed, even if they are passed multiple objects and/or alternating orders of objects.
You might also want to think about whether you really want to be opening and closing your connection (and loading your JDBC driver) every time you process a user request - lines 21,22,24,25,29 and 31 might be better in your init method (and loading the database configuration details based on the ServletConfig is generally considered a good thing).
In the code I showed above I have followed your convention of sending error information to standard out and standard error. This is not a good idea - depending on how your system is configured you may not ever see it. You really should learn to use the logger and send your log message to a guaranteed location.
I suspect that the problem is with your database code, not your web based code. You could test this quite easily by changing your doPost method to work without DB connectivity. For example:
See if you can login with the hard coded credentials there. If you can, then the problem is in the database code, and we can address that separately.
Joined: Nov 17, 2009
first of all thank you very very much for all of you who respond to this topic
Sir Andrew, i tried you're hard coded credentials and it able to proceed successfully
Joined: Dec 01, 2008
Good so that pretty much solves your problem. There is an error in the database retrieval of the username and password. Please look into the server logs, identify the issue and then go ahead and solve it / log it in the correct forum.