Win a copy of Escape Velocity: Better Metrics for Agile Teams this week in the Agile and Other Processes forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Tim Cooke
  • Paul Clapham
  • Jeanne Boyarsky
Sheriffs:
  • Ron McLeod
  • Frank Carver
  • Junilu Lacar
Saloon Keepers:
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Al Hobbs
  • Carey Brown
Bartenders:
  • Piet Souris
  • Frits Walraven
  • fred rosenberger

XML logon page?????

 
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i was wondering if it is possible to create a logon page using the information stored in XML document as shown
<?xml version = "1.0"?>
<SUBSTITUTELIST>
<TEACHER
<NAME>
<LAST_NAME></LAST_NAME>
<FIRST_NAME></FIRST_NAME>
</NAME>
<LOG_IN_DETAILS>
<USERNAME></USERNAME>
<PASSWORD></PASSWORD>
</LOG_IN_DETAILS>
<ADDRESS>
<HOUSE_NUMBER></HOUSE_NUMBER>
<STREET_NAME></STREET_NAME>
<TOWN></TOWN>
<POSTCODE></POSTCODE>
</ADDRESS>
<CONTACT_NUMBERS>
<DAYTIME_NUMBER></DAYTIME_NUMBER>
<EVENING_NUMBER></EVENING_NUMBER>
<MOBILE_NUMBER></MOBILE_NUMBER>
</CONTACT_NUMBERS>
<DATE_OF_BIRTH>
<DAY></DAY>
<MONTH></MONTH>
<YEAR></YEAR>
</DATE_OF_BIRTH>
<SEX></SEX>
<QUALIFICATION>
<TYPE></TYPE>
<NAME></NAME>
<START_DATE></START_DATE>
<END_DATE></END_DATE>
</QUALIFICATION>

</TEACHER>

can i do this using javascript and XML and the DOM?
help i am a beginner
 
author
Posts: 11962
5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You could write a JavaScript function which is called on form submit, but that would mean that the XML file containing your precious user database would be accessible to the whole wide world...
Would it be possible to use server-side technologies such as JSP/Servlets for the login page?
 
Roisin Dunne
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
do i have to do it using jsp then?
is that easy enough to do or not?
 
Lasse Koskela
author
Posts: 11962
5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

do i have to do it using jsp then?


Well, a real-life login screen can only be implemented using some sort of server-side technology. JSP is as good a choice as any other in that regard.

is that easy enough to do or not?

Well, a form-based login screen is part of pretty much any J2EE/JSP book I've seen.
 
Roisin Dunne
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks
 
author
Posts: 91
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You could do that. Then again, you could pound a nail into wood using the round end of a screwdriver. It would be much more convenient to use a hammer. In this case, the hammer is XSLT, which should be your first resort for all sorts of transformation problems like this one.
That being said, as several others have pointed out, you'll still need something on the server that processes the logins. XML itself will not do it for you. You may transform your XML documents into HTML pages with forms that reference some server side program. They could even transform directly into JSP or ASP code. Even better, you could use XSLT to generate .htaccess files that would enable real, standards conformant HTTP authentication instead of the brain-damaged, broken cookies-base authentication used by a lot of sites.
This is not a trivial operation, no matter how you approach it. But it's definitely in the realm of the possible.
 
Ranch Hand
Posts: 3178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Elliotte Rusty Harold:
You could do that. Then again, you could pound a nail into wood using the round end of a screwdriver. It would be much more convenient to use a hammer. In this case, the hammer is XSLT, which should be your first resort for all sorts of transformation problems like this one.


Hi Mr.Harold,
The round end of a screwdriver mostly is made of plastic... Sometimes that plastic end may be broken, when pounding a nail, since a nail is made of iron and it's a lot harder than fragile plastic end of the screwdriver...
In Roisin Dunne's XML, I guess it's vulnerable to the system, since it's not like relational database and no authorization needed to get into that XML document page... it might become a security hole for the user-password storage...
What is your opinion on that kind of storing username-password in XML, Mr.Harold?
Thanks for being here....
 
Lasse Koskela
author
Posts: 11962
5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Ko Ko Naing:
What is your opinion on that kind of storing username-password in XML, Mr.Harold?


(slipping into my Elliotte Harold disguise...)
I think storing username/password info in XML is fine if the file can only be accessed securely or if the application replaces the password with a hash upon startup. At least BEA is doing this with their WebLogic config.xml file.
 
Ko Ko Naing
Ranch Hand
Posts: 3178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Lasse Koskela:

(slipping into my Elliotte Harold disguise...)
I think storing username/password info in XML is fine if the file can only be accessed securely or if the application replaces the password with a hash upon startup. At least BEA is doing this with their WebLogic config.xml file.


Using hash is reasonable, instead of storing plain text... But we do need to take care about the accessibility to that XML document so that it won't become a security hole for our (beloved) hackers...
 
Roisin Dunne
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Does anyone have any idea of how i woul do this if security was not considered! just a login in page which opens a particular page depenidng on which user has logged in?
 
Lasse Koskela
author
Posts: 11962
5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Generate an HTML page containing a JavaScript function which gets called upon form submit (using the onsubmit attribute for the <form> element). The JavaScript function fetches the XML document from somewhere (could be on a web server, could be embedded into the HTML source code), figures out whether the user-provided username/password combination matches those in the XML, and loads the next URL accordingly.
PS. I'd suggest taking this into the HTML/JavaScript forum if you're going to use JavaScript.
 
And inside of my fortune cookie was this tiny ad:
Garden Master Course kickstarter
https://coderanch.com/t/754577/Garden-Master-kickstarter
reply
    Bookmark Topic Watch Topic
  • New Topic