• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • paul wheaton
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Henry Wong
Saloon Keepers:
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Tim Moores
  • Mikalai Zaikin
Bartenders:
  • Frits Walraven

JSP servlet validation

 
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I m trying to fetch data to match credentials
like


in else part I m redirecting to login page with message

in front end part



but the problem is the set message in else part is not proper working here sometimes it shows but on refreshing it does not disappear
why?
 
Saloon Keeper
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Ugh, Java code in JSPs :-( That was a thing 20 years ago, but not since.

catch (Exception e) {   }


Empty catch handlers are almost always a red flag. How will you find out about problems? At the least, print the exception message to where you will see it.

Overall, it sounds like things are working fine. You store something in a session, and remove it once it's displayed. So if you reload the page, it's gone. What else did you expect to happen?
 
obaid abbassi
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
on reloading msg remains there that's the problem i m facing.
 
Tim Moores
Saloon Keeper
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
We don't know the flow of control. If the value is set again during the reload, it will be displayed again.
 
obaid abbassi
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
code seems to be perfect but I don't know why msg don't disappear
 
Tim Moores
Saloon Keeper
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:We don't know the flow of control.


Which means we're not in a position to suggest anything. But you are in a position to provide us with a lot of information about it, which would help us help you.
 
Saloon Keeper
Posts: 28325
210
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:Empty catch handlers are almost always a red flag.



Empty catch handlers can incite me to violence if I have to debug your code.

And DEFINITELY, Don't use scriptlets for this kind of stuff!

In fact, don't write your own login and security code. Use the JEE standard security.
 
obaid abbassi
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
what are the JEE standard security?
 
Tim Holloway
Saloon Keeper
Posts: 28325
210
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

obaid abbassi wrote:what are the JEE standard security?



JEE standard security is the Authentication and Authorization component of the JEE standard. It is supported as a core part of all JEE-compliant webapp servers, including Tomcat and jetty. It is a container-managed security system, so although there are methods that can be used in application code, much of its function is automatic.

You define a webapp's security in the WEB-INF/web.xml, although some of its features are now also available via annotations. The web.xml defines what URL patterns require an authenticated/authorized user and the type of login process the server will use when a user needs to log in - either Basic (no longer recommended), or Form-based.

For form-based authentication, you define 2 pages in your web.xml: the "login" and "loginfail" page. The login page will be automatically sent if you attempt to access a secured URL and are not yet logged in. It should have a form that has input fields for the user ID and password. The loginfail page acts just like the login page except that you can make it say something like "Login failed, Please login".

While login is active, the original URL request is parked. Once login succeeds, then the original request is resumed. This is transparent to the application. What is important, is that if the user fails to login, the URL never reaches the application and therefore cannot exploit possible weaknesses/bugs in the application. The server itself blocks the request.

An authenticated user can be assigned one or more security roles. So, for example, someone with the role "auditor" may be able to look at things, someone with the role "clerk" may be able to do data entry, and someone with the role "manager" may be able to do all sorts of things.

To define users, passwords and roles, you need some sort of "database". This may be an actual SQL DBMS, an Active Directory/LDAP server, a simple XML file (good for testing), a web service, or any other component that implements the JEE authentication and authorization functions. This component is called a Realm and it is defined as part of the application deployment process. In Tomcat, it's defined in a Context. Because it's defined to the server and not inside the webapp, you can change Realms without changing application code. So, for example, I could use a tomcat-users.xml file to test my webapp and a database for production security.

When a user has been authenticated, the HttpServletRequest getRemoteUser() method will return the userid. This method returns null if the user is not logged in. There's also a getUserPrincipal method, but that's not generally useful for apps.
 
obaid abbassi
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
in short you mean we should not use our own logic while authenticating credentials right?

if so please provide me link where I can learn it.
 
Tim Holloway
Saloon Keeper
Posts: 28325
210
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

obaid abbassi wrote:in short you mean we should not use our own logic while authenticating credentials right?

if so please provide me link where I can learn it.



Yes, all the logic is provided by your server. No user code needed.

This is probably a good intro. Although they talk about servlets, anything with a URL, such as a JSP is also covered by this mechanism:

https://docs.oracle.com/cd/E19226-01/820-7627/bncby/index.html
 
obaid abbassi
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
ONE MORE PROBLEM I M RETURNING MY ALL LIST FROM DB IN SERVELT BUT IN SERVELET LIST NOT DISPLAY ALL ITEMS IT SHOWS ONLY ONE ITEM MUTIPLE TIME
 

HERE IS SERVELET CODE


 
Tim Holloway
Saloon Keeper
Posts: 28325
210
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
PLEASE DON'T TYPE ALL CAPS. It reads like you are shouting and it distracts.

Class.forName() is obsolete. Delete that line. You don't need it at all.

Don't name a class with an initial lower-case letter ("notes"). Java doesn't care, but the convention is that class names start with a capital letter ("Notes") and some Java tools get unhappy.

Try not to add too many blank lines to your code. It's hard to read.

The reason why you're getting the same line multiple times is that you keep adding the same "obj" over and over again. You need to put this statement INSIDE the while(rs.next()) {} loop:
  Notes obj = new Notes(); // Note that I am properly capitalizing the class name.

You were allocating obj OUTSIDE of the loop which is why the same value of obj was going into every spot on the list.
 
obaid abbassi
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for your kind reply and suggestions!

I m performing delete operation on clicking my note should I redirect to jsp or servelt for further process.If I want to get my notID through hidden field I receive null in servelt what to do



Should I need some JS for removing card from frontend?
 
obaid abbassi
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have another logic in my mind.I should receive parameters in
del.jsp through  <a href="del.jsp?Id=<%=n.getNoteID()%>"> then from del.jsp  to servlet to perform database operation if operation success I should redirect my page to main notes.jsp
is it worthful?
 
Tim Holloway
Saloon Keeper
Posts: 28325
210
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I cannot speak for your logic needs, but instead of this:


Try this:


The "${n.noteID}" is Unified Expression Language and it's one of the reasons scriptlets are obsolete, as you can see that it's much simpler and there are fewer delimiters that have to be done just right.

It's important to note that it's "n.noteID" and not "n.NoteID", even though the getNoteID() method gets called either way. "noteID" is the "n" bean's property name, getNoteID() is its property access method. This is why proper capitalization is so important in developing in Java.
 
obaid abbassi
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
<a href="edit.jsp?Id=${n.noteID}&Id2=${n.noteName}Id3=${n.noteDescription}">

I m sending three queries is it a good practice or I should use session object?
 
Tim Holloway
Saloon Keeper
Posts: 28325
210
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Are you sending three separate URLs or just one URL with 3 parameters? Because only if you have more than 1 URL would you have 3 separate queries. And you can only click on one link at a time!
 
obaid abbassi
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I want to get these three parameter to update my input field

in next page.
 
Tim Holloway
Saloon Keeper
Posts: 28325
210
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Then this is the URL that your JSP should present:

You left out a "&".
 
obaid abbassi
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
one more problem is by doing the query parameter the input shows only one word
e:g
I like programing
input value field shows only I
 
obaid abbassi
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
out.println("complete string is shown")

but in input field whener space within string the value not works

like
<input type=text  value="complete string
 
if you think brussel sprouts are yummy, you should try any other food. And this tiny ad:
Gift giving made easy with the permaculture playing cards
https://coderanch.com/t/777758/Gift-giving-easy-permaculture-playing
reply
    Bookmark Topic Watch Topic
  • New Topic