1. Kuldeepc...181,287
2. objects145,195
3. MuraliKanth131,666
4. rrz@87...104,038
5. CEHJ87,637
6. mrcoffee...85,801
7. dravidnsr55,520
8. a_b47,010
9. gibu_geo...44,153
10. mwvisa125,028
11. basav_com20,314
12. logudotcom18,980
13. karanw18,545
14. TomasHelgi18,140
15. Christofer...16,425
16. ioanton16,220
17. mplungjan15,910
18. mahome14,570
19. Ravi_Kalla14,485
20. kadaba13,702
21. bluebelldis...13,374
22. mrjoltcola11,680
23. jim_cakalic9,780
24. boonleng9,200
25. ksivananth9,125

1. bloodredsun1,155,574
2. objects799,909
3. rrz@87...656,909
4. TimYates610,346
5. Kuldeepc...588,974
6. kennethxu357,436
7. mrcoffee...346,617
8. boonleng220,840
9. jaggernat197,407
10. CEHJ192,439
11. fargo190,519
12. actonwang189,622
13. MuraliKanth157,391
14. suprapto45155,308
15. cheekycj109,407
16. karanw98,012
17. shivaspk83,767
18. sompol_k...77,717
19. jarasa72,005
20. jimmack67,806
21. TomasHelgi67,320
22. mayankea...67,068
23. gibu_geo...64,853
24. ldbkutty64,200
25. radarsh63,756

	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

05/22/2003 at 11:59PM PDT, ID: 20624104

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

4.6

JSP: Session: Need help trying to use session in JSP

Asked by f11 in Java Server Pages (JSP)

Tags: jsp, request, response, used, session

This is my servlet that authenticates a user and directs him/her to Lyn.jsp. However, if someone types in the URL of the file (e.g. http:localhost.../examples/jsp/Lyn.jp), they can still access the file. This is not that secure. i want to use a session to overcome this folly of mine but i don't know how. This is my servlet (auth.java). Can someone pls take a look and show me how to insert a 'working' session. i thank you for any help that you can provide. cheers!!
------------
auth.java
------------
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.util.*;
import java.sql.*;

public class auth extends HttpServlet {
      Connection conn;
      PrintWriter out;
String sqlQuery;
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {

String title = "Wellcome to your e-signON";
String usrname = request.getParameter("usrname");
String password = request.getParameter("password");
HttpSession session = request.getSession(true);

String usernameQuery = "select username from student where username = '" + usrname + "'";

      response.setContentType("text/html");
out = response.getWriter();

     conn = getConnection(out);

if (conn != null) {

try { // execute the query

Statement stmt = conn.createStatement();
ResultSet rst;

rst = stmt.executeQuery(usernameQuery);

// Fetch the query result, and dispaly them in a table
while (rst.next()) {
           if(usrname.equals(rst.getString("username"))) {
                        gotoPage("/jsp/Lyn.jsp", request, response);
                   } else {
                        gotoPage("/jsp/Error.jsp",request, response);
                  }
}
stmt.close();
} catch(Exception e) {
            out.println("Cannot fetch data from database!"+e);
};
}
closeConnection(conn, out);
}

public void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {

doGet(request, response);

}

private Connection getConnection(PrintWriter out)
{
String driverClassString = "oracle.jdbc.driver.OracleDriver";
String driverConnectString = "jdbc:oracle:thin:@teach:1521:teach";
String usrname = "s4001078";
String pwd = "df991546";

Connection conn = null;

try {
Class.forName(driverClassString);
conn = DriverManager.getConnection(driverConnectString, usrname, pwd);
}
catch (Exception e) {
out.println("Cannot close connect to database!"+e);
}
return conn;
}

private void closeConnection(Connection conn, PrintWriter out)
{
try {
conn.close();
}
catch (Exception e) {
out.println("Cannot close database connection!");
}
}

      public void gotoPage(String webAddress, HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
                  RequestDispatcher dispatcher =
                        getServletContext().getRequestDispatcher(webAddress);
                        dispatcher.forward(request, response);
}
}

View the Solution FREE for 30 Days

20090824-EE-VQP-74

JSP: Session: Need help trying to use session in JSP

Asked by f11 in Java Server Pages (JSP)

Tags: jsp, request, response, used, session

About this solution