Viv Singh

Ranch Hand
+ Follow
since Nov 08, 2008
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Viv Singh

Hey

I am having problems with escaped characters.

I have the following scenario:



For example if excl.get(0) includes the following string: Exp\s*

and I print the expression with an alert statement in the update function I get Exps* without the "\".

How can I make sure the "\" is not cut off?

thanks.
Hi,

I have a form that is submitted using the POST method.

In my servlet I get the values using the getParameter() method. I am having a problem with "escape" characters. Whenever, I enter e.g. an expression like Exp\s*Test in a field what I receive in the servlet is Exps*Test. Basically it "cuts out" the "\" from the expression. Is there a way of getting the full entered expression?

thanks.
14 years ago
Hi,

I wont be able to use the spring framework.

Am I doing something wrong in my web.xml where I define the security rules?

E.g. If the user with the role 7 tries to access porta/users.jsp I get the 403 (HTTP Status 403 - Access to the requested resource has been denied) error but if the user with the role 7 tries to access statistics.jsp it works perfectly fine.

Any help or suggestions will be appreciated.
14 years ago
I am having problem with specifying the security controls:

I have 6 roles in the system 1,2,3,...6.

index.jsp and logout.jsp should be accessible for all roles.
Whereas other resources are restricted.

I did the following:



However, this is not working. E.g. if i have a user with the role 7 and I try to access users.jsp I get the 405 error.

Any help will be appreciated.
15 years ago

Mark Spritzler wrote:Personally, I have always hated the binary solution to solve problems like this. Mostly because of maintenance issues. Lets say a new role gets added, lets say you get a new developer and you are no longer there. They now have to go and try and figure out what was done.

Also, having individual names for each role is so much easier to understand and therefore maintain.

Maintenance is the #1 most expensive part of software development, so anytime you can use a simpler cleaner solution the better.

My 2 cents.

Mark



Thanks. Could you suggest any other solution?
15 years ago
I solved it using the "binary system".

I have a question about the security configuration in the web.xml now:

The system contains 8 roles (2^3) as I have three "types" of resources.

000 - Role: 0
001 - Role: 1
010 - Role: 2
011 - Role: 3
100 - Role: 4
101 - Role: 5
110 - Role: 6
111 - Role: 7

Now I did the following in the web.xml:



(This does not show all the pages, just a part of it).

E.g. the user with the roles either 4 or 5 or 6 or 7: should be able to see/access the following:
portal/index.jsp, portal/logout.jsp, portal/page1.jsp, portal/page2.jsp and portal/page3.jsp

Is this the correct way of implementing the security, or do I have to specifiy the constraint of each type of role seperate?

thanks in advance.
15 years ago
Hi,

I have the following scenario (requirement in the specification).

I have implemented a web interface to create a new user in the system. Now each user can have different roles which can be selected by HTML checkboxes.
The fact is that each role (checkbox) specifies which jsp pages in the system can be accessed.
E.g. if the checkbox with the role "0" is selected the user can "view" the tools.jsp and tools2.jsp pages.
if the checkbox with the role "1" is selected then the user can "view" users.jsp.
If both checkboxes "0" and "1" are selected then the authenticated user can view tools.jsp, tools2.jsp and users.jsp.

In my database I have a users table which is used to retrieve the role. I only have 1 column in the database for the role.
What is the best way to implement this scenario?
Shall I assign different role names for each possible value e.g. checkbox1 selected and checkbox2 unselected = 0, checkbox1 unselected and checkbox2 selected = 1, checkbox1 unselected and checkbox2 unselected = 2, etc.?

Thanks for any advice and help.
15 years ago

Bear Bibeault wrote:
Simply forward to the JSP page as per usual after a servlet controller has finished its task and pass the message invisibly as a request-scoped variable.



How can I pass the message invisibly as a request-scoped variable?
Would you please be so kind and give a short example?

Thanks.
15 years ago

Bear Bibeault wrote:Make up your mind. Do you want to forward or redirect?



I just want to "get back" to page1.jsp and would like to show a message on that page after the request was handled by the servlet.
15 years ago
E.g.:



works perfectly fine. However, rather than sending the status as part of the url (query string?), is there any other way?

thanks in advance.
15 years ago
Is there any other way of solving the problem of not sending the error message string as part of the url?
15 years ago

Duc Vo wrote:

Viv Singh wrote:
I dont want to send the message as part of the url as posted before.


You have to use response.sendRedirect() to achieve that, now to pass the message back from servlet, you'll have to use query string on the redirecting uri.
Anyway, why don't you want the client to see the servlet uri?



I don't want to pass the error message e.g. "Your request could not be processed" in the URL like page1.jsp?message=Your%20request........
15 years ago
Thanks for you reply. Could you please give me an example of how to implement that. The thing is that I want to send a message back to the client which should be displayed in the HTML file.

I tried the following and therefore used RequestDispatch initially:



I dont want to send the message as part of the url as posted before.

Thanks in advance.
15 years ago
I have tried the following:



And I get the following error message:

"
HTTP Status 404 - /http:/localhost:8080/tool/portal/page1.jsp

type Status report

message /http:/localhost:8080/tool/portal/page1.jsp

description The requested resource (/http:/localhost:8080/tool/portal/page1.jsp) is not available.
Apache Tomcat/5.0.30
"

And I have also tried this:



And I get this error message:

"
HTTP Status 404 - /tool/portal/page1.jsp

type Status report

message /tool/portal/page1.jsp

description The requested resource (/tool/portal/page1.jsp) is not available.
Apache Tomcat/5.0.30
"
15 years ago
Thanks, but this is what I am already doing. The problem is with the URL, I get redirected to a "wrong path".
15 years ago