Win a copy of Micro Frontends in Action this week in the Server-Side JavaScript and NodeJS forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

user authentication servlet problem

Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Hi ,

i created one servlet for username and password validation.It works fine only for one user.If i create new user then i can able to login in with that new user only not with any another username and password(previous user).I doubt my servlet is not working properly.I will share my servlet code ...please check my code and rectify where i went wrong.Kindly suggest any ideas to work with all new username and password.As am novice in servlet concepts.After the user validation then only i can go further pages to develop.One more thing the else part is not working fine.If the user is not valis it will stay in that page but doesnt show the error message.Please help me.

seevlet code::
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;
import java.util.*;

public class School extends HttpServlet{

public void service (HttpServletRequest request, HttpServletResponse response)
throws ServletException,IOException
PrintWriter out = response.getWriter();
RequestDispatcher dispatcher=null;
Connection conn = null;
String url = "jdbc:mysql://localhost:3306/track?user=root&password=root" ;
String driver = "com.mysql.jdbc.Driver";
String username=new String("");
String password=new String(" ");
//String user=request.getParameter("user");
//String pass=request.getParameter("pass");
String strQuery= "";
Statement st=null;
ResultSet rs=null;
//HttpSession session = request.getSession(false);

try {
//conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/track","root","root");
//strQuery="select * from user where userID='"+user+"' and password='"+pass+"'";
strQuery="select userID,password from user";

st = conn.createStatement();
//rs=st.executeQuery("select * from user where userID='"+user+"' and password='"+pass+"'");
rs = st.executeQuery(strQuery);

int count=0;


catch(Exception e)

String user=request.getParameter("user");
String pass=request.getParameter("pass");
if(username.equals(user)&& password.equals(pass))
dispatcher = request.getRequestDispatcher("Second.jsp");
dispatcher.forward( request, response);

request.setAttribute("errorMessage", "Invalid username or password");
//out.println("Invlid Login/password");
dispatcher = request.getRequestDispatcher("Track.jsp");
dispatcher.forward( request, response);



Any help and suggestions would be appreciated.
Ranch Hand
Posts: 148
Hibernate Tomcat Server Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi keerthana kuruba,

The error lies in your query.

strQuery="select userID,password from user";

Above query selects all records in "user" table and again you are iterating over the whole Recordset,thus username and password
gets the latest/last record value.

I have modified your code little bit,try it.Hope it will work.

Ranch Hand
Posts: 75
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Small correction to the modified code:
The code is vulnerable to SQL Injection since you are using literals in your SQL (using statement). Use prepared statement and then set the values for the username and password(so that you will be binding the user name).
Warning! Way too comfortable! Do not sit! Try reading this tiny ad instead:
Thread Boost feature
    Bookmark Topic Watch Topic
  • New Topic