This week's book giveaway is in the Server-Side JavaScript and NodeJS forum.
We're giving away four copies of Node.js Design Patterns: Design and implement production-grade Node.js applications using proven patterns and techniques and have Mario Casciaro & Luciano Mammino on-line!
See this thread for details.
Win a copy of Node.js Design Patterns: Design and implement production-grade Node.js applications using proven patterns and techniques this week in the Server-Side JavaScript and NodeJS forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Rob Spoor
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Henry Wong
  • Liutauras Vilda
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Tim Holloway
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Mikalai Zaikin
  • Piet Souris

with out authentication it is forwading to another page

 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
sri,
I created two files

1.password.html

<html>
<head><title>password</title>
</head>
<body>
<form name="abc" action="pass.jsp" method="POST">
<input type="text" name="userid" size="25" value="">
<input type="password" name="pass" size="25" value="">
<input type="submit" name="tn1" value="Submit" >
<input type="reset" name="tn2" value="Reset">
</form>
</body>
</html>

and another
2.pass.jsp

< %@page contentType="text/html" pageEncoding="UTF-8"%>
<%@ page language ="java" %>
<%@ page import="java.sql.*, javax.sql.*,javax.naming.*,java.io.*,java.util.*" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>JSP Page</title>
</head>

<body>
<% String userid = request.getParameter("userid");
String password = request.getParameter("pass");
try
{
Connection connection = null;
Statement st = null;
ResultSet rs = null;
Class.forName("oracle.jdbc.driver.OracleDriver");
connection = DriverManager.getConnection("jdbc:Oracle:thin:@localhost:1522:xe","system","kis");
st = connection.createStatement();
rs = st.executeQuery("select username from password where username='" + userid + "' and password='" + password + "'");
out.println("Valid==" + rs);
if (rs.next())
{

String UserID = rs.getString("username");
out.println("Valid user=" + UserID);
%>
<jsp:forward page="/registration.jsp" />
}
else
{

out.println("Invalid user"); %>
<jsp:forward page="/invalid.jsp" />
<% } rs.close();

}
catch (Exception ex)

{
out.println(ex.getMessage());
out.println("Unable to connect to database."); } %>
</body>
</html>


Problem :
---------

In pass.jsp I used <jsp:forward page="/registration.jsp" /> to open another window when userid and password matchs with userid and password of database then only it opens another window registration.html . Problem is if user knows registraion.html directly ,he is not using password.html. without entering into password.html he is directly entering into registration.html.Above code is not perfectly authenticated He has to access it only after password.html i.e he should get permission from password.html to access registration.html.

Please help me to solve my problem.

[ July 21, 2008: Message edited by: kishore rowthu kumar ]

[ July 21, 2008: Message edited by: kishore rowthu kumar ]
[ July 21, 2008: Message edited by: kishore rowthu kumar ]
 
Ranch Hand
Posts: 5575
Eclipse IDE Windows XP Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

use <security-constraint> in web.xml...for information please search the Google
 
Bartender
Posts: 2856
10
Firefox Browser Fedora Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can also solve this problem using session management.
If the user is not authenticated just redirect him to the login page.
And try to keep all the pages dynamic.


Hope this helps
 
reply
    Bookmark Topic Watch Topic
  • New Topic