This week's book giveaway is in the Clojure forum.
We're giving away four copies of Clojure in Action and have Amit Rathore and Francis Avila on-line!
See this thread for details.
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Dynamic control of textbox

 
Avik Mazunder
Ranch Hand
Posts: 39
Chrome Eclipse IDE Java
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I want to change the border colour of textbox if someone enter wrong password....Is there any method for changing border colour dynamically??
 
Tim Holloway
Saloon Keeper
Pie
Posts: 17626
39
Android Eclipse IDE Linux
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes. Add a "styleClass" attribute to the control and make its value be an EL expression based on whether the password is right, empty, or wrong.

Although actually telling someone that their password specifically is wrong is considered bad security practice if the password is being combined with other security tokens such as userIDs. In such cases, the recommended response is simply to indicate that one or more of the tokens is invalid. Otherwise, hackers know which tokens they have that work and don't need to do as much work to find the values of the remaining tokens.
 
Avik Mazunder
Ranch Hand
Posts: 39
Chrome Eclipse IDE Java
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Tim Holloway wrote:Yes. Add a "styleClass" attribute to the control and make its value be an EL expression based on whether the password is right, empty, or wrong.


Can you give me an example please??
Thanks
 
Cesar Alforde
Greenhorn
Posts: 3
Java Netbeans IDE Spring
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
when you keep a secret, the less information you give is the better, if you say "you password is wrong" at the same time the hacker says "ahh but the username is correct!" , then he just have to find the right password not both, or he can use this info that you leaked to find more usernames. For this reason is better just to say "Username or password incorrect"

 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic