aspose file tools*
The moose likes JSF and the fly likes Bean values not getting displayed on JSF page Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSF
Bookmark "Bean values not getting displayed on JSF page" Watch "Bean values not getting displayed on JSF page" New topic
Author

Bean values not getting displayed on JSF page

Anirudh Jyothi
Greenhorn

Joined: Sep 13, 2013
Posts: 1
This is what I am trying to achieve:

1) When the user tries to login using his userid/password, these credentials are validated against my database table to make sure the user is valid.
2) When the validation passes, I retrieve some of the details about the user and display those values in the JSF page immediately after logging in.

Both these two process happen upon one single click (ie) while the user inputs his userid/password and hits submit.

What I did:

When the user hits submit upon logon, I use a query to check the values against a table in a bean called "login" (managedbean name). When the values are present in the table, I use another query to retrieve the user's other information and populate these values in the setter methods in another bean called "fields". Now, using faces redirect, I pass the name of the JSF page called "userindex.xhtml". Now, I simply try to access the getter methods of the "fields" bean to display in the userindex page.

The first two queries run successfully. The only problem seems to be that the "fields" bean object is initialized/recreated when I try to access its values from the "userindex" page. Please correct me if I am wrong.

To summarize, I used a bean "login" to verify user input values with a backend table, accessed another bean called "fields" from the login bean to set all user related information and used these "fields" values to populate in the "userindex" page.

The code snippets are given below:

**Login page:**

<h:form style="margin:auto;width:90%;height:98%;text-align:left; background-color: whitesmoke; border-top-style: outset ">
<p:panelGrid columns="2" style="margin-left:400px">
<h:outputLabel for="npi" value="Enter your NPI: *" />
<p:inputText id="npi" value="#{login.contactid}" label="NPI" />

<h:outputLabel for="pwd" value="Password: *" />
<p:password id="pwd" value="#{login.pwd}" required="true" label="password"/>


<f:facet name="footer">
<p:commandButton id="prologin" value="Login" action="#{login.checkUser()}" />

</f:facet>

</p:panelGrid>
</h:form>

**Login bean:**

package com.superlist;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.List;
import javax.annotation.Resource;
import javax.faces.application.FacesMessage;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.ManagedProperty;
import javax.faces.bean.SessionScoped;
import javax.faces.context.FacesContext;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.sql.DataSource;


@ManagedBean(name = "login")
@SessionScoped

public class UserBean {


@ManagedProperty(value = "#{fields}")
private ProviderFieldsBean fields;

public void setFields(ProviderFieldsBean fields) {
this.fields = fields;

}

private String contactid;
private String pwd;


@Resource(name = "jdbc/mysuperlist")
private DataSource ds;

PreparedStatement searchQuery, query = null;
Connection conn = null;
ResultSet rs, rs1;

public void UserBean() {
try {
Context ctx = new InitialContext();
ds = (DataSource) ctx.lookup("java:comp/env/jdbc/mysuperlist");
} catch (NamingException e) {
e.printStackTrace();
}
}

/**
* @return the firstname
*/
public String logout() {
FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
return "index.xhtml?faces-redirect=true";
}

/**
* @return the pwd
*/
public String getPwd() {
return pwd;
}

/**
* @param pwd the pwd to set
*/
public void setPwd(String pwd) {
this.pwd = pwd;
}

/**
* @return the contactID
*/
public String getContactid() {
return contactid;
}

/**
* @param contactID the contactID to set
*/
public void setContactid(String contactid) {
this.contactid = contactid;
}

public String checkUser() throws SQLException {


System.out.println("inside check provider");
String url;
int rowcount = 0;

try {

conn = ds.getConnection();
String q = "Select npi from providerlogin where npi =" + "'" + contactid + "'"
+ " and password=" + "'" + pwd + "'";

System.out.println("query is " + q);
searchQuery = conn.prepareStatement(q);
rs = searchQuery.executeQuery();

rs.last();
rowcount = rs.getRow();
rs.beforeFirst();
System.out.println("total no of rows is " + rowcount);


if (rowcount > 0) {
String q1 = "select ContactID, FirstName,LastName,Email,Phone from fulltable where ContactID = "
+ "'" + contactid + "'";
query = conn.prepareStatement(q1);
System.out.println("the query is " + q1);
rs1 = query.executeQuery();

while(rs1.next())
{
fields.setAll(rs1.getString(2),rs1.getString(3),rs1.getString(4),rs1.getString(5));

}

}
} catch (Exception e) {
e.printStackTrace();
} finally {
try {
conn.close();
searchQuery.close();
query.close();
} catch (Exception e) {
e.printStackTrace();
}

}

if (rowcount > 0) {
System.out.println("rowcount > 0");
url = "userindex?faces-redirect=true";
}
else {
System.out.println("rowcount = 0");
FacesContext.getCurrentInstance().addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, "User Error", "Invalid creditientials"));
url = "login?faces-redirect=true";
}

return url;
}


**Fields bean:**


package com.superlist;

import java.io.Serializable;
import java.sql.SQLException;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.ManagedProperty;
import javax.faces.bean.SessionScoped;

@ManagedBean(name="fields")
@SessionScoped

public class ProviderFieldsBean{
private String firstname;
private String lastname;
private String contactid;
private String phone;
private String email;


public ProviderFieldsBean(){

}

public void setAll(String firstname, String lastname, String email, String phone)
{

this.firstname = firstname;
this.lastname = lastname;
this.email = email;
this.phone = phone;
}

public String getFirstname() {
return firstname;
}

public void setFirstname(String firstname) {
this.firstname = firstname;
}

public String getLastname() {
return lastname;
}

public void setLastname(String lastname) {
this.lastname = lastname;
}


public String getPhone() {
return phone;
}


public void setPhone(String phone) {
this.phone = phone;
}

public String getEmail() {
return email;
}

public void setEmail(String email) {
this.email = email;
}
}


**Userindex page**

<h:form style="margin:auto;width:90%;height:98%;text-align:left; background-color: whitesmoke; border-top-style: outset">

<h:panelGrid columns="2" style="margin-left:350px;">
<f:facet name="header">
Your details
</f:facet>

<h:outputLabel for="firstname" value="Firstname: *" />
<h:outputText id="firstname" value="#{fields.firstname}" />

<h:outputLabel for="surname" value="Surname: *" />
<h:outputText id="surname" value="#{fields.lastname}"/>

<h:outputLabel for="email" value="Email: *" />
<h:outputText id="email" value="#{fields.email}"/>
<f:facet name="footer">
<p:commandButton type="button" value="Update!" icon="ui-icon-check" style="margin:0"/>
</f:facet>
</h:panelGrid>

</h:form>

Please let me know how to proceed on this. Any help is greatly appreciated. Thanks in advance!
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16250
    
  21

Welcome to the JavaRanch, Anirudh!

The message editor has a "Code" button that can wrap special formatting tags around code and XML samples. That makes them easier to read. You will also get more/better help if you can reduce the amount of code you post to the essentials. We don't get paid for doing this, so when it's necessary to print out a sample and pore up and down the listing to see what's going on, chances are that few will bother.

I haven't determined what your specific problem is, but I can tell you this. If you publish that webapp out to the open Internet, chances are that it will be hacked to pieces in under 15 minutes.

I always warn people that they should use J2EE's built-in security system unless they have very specific reason not to AND are security specialists. Essentially every user-designed J2EE login/security system I've seen has been easily hackable. And I've worked with some pretty high security projects.

In your specific case, however, you have a blatant opening for a SQL injection attack. I could potentially erase your entire database from the login screen. Without ever actually logging in at all.


Customer surveys are for companies who didn't pay proper attention to begin with.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Bean values not getting displayed on JSF page