steven_fl
asked on
Problem in JSP sessions
I am having a problem with sessions.
Even after the user logs out and logs in with a different name, the login screen shows the name of the previous user. When the user logs in after checking the user name and password I do the following.
<%
session=request.getSession (true);
session.setAttribute("user ",user);
%>
Then on every other page I write the following code to check for session.
<% if(request.isRequestedSess ionIdValid () )
{
my code
}
else
{ %>
Not a valid Session
<% } %>
In logout I am using the following code
<% session.invalidate(); %>
Why is this problem?
Secondly I want to know whether this methos of maintaining sessions is the right one or not and if it's not hte right one what's a right way to do it.
Plz help
Even after the user logs out and logs in with a different name, the login screen shows the name of the previous user. When the user logs in after checking the user name and password I do the following.
<%
session=request.getSession
session.setAttribute("user
%>
Then on every other page I write the following code to check for session.
<% if(request.isRequestedSess
{
my code
}
else
{ %>
Not a valid Session
<% } %>
In logout I am using the following code
<% session.invalidate(); %>
Why is this problem?
Secondly I want to know whether this methos of maintaining sessions is the right one or not and if it's not hte right one what's a right way to do it.
Plz help
<%
// in all other JSP pages
if(session.isNew())
{
response.sendRedirect("log inpage");
// or any other code
}
else
{
//your code
sessio.setMaxInactiveInter val(15); // for example here session validates for 15 minuites only
}
%>
// in all other JSP pages
if(session.isNew())
{
response.sendRedirect("log
// or any other code
}
else
{
//your code
sessio.setMaxInactiveInter
}
%>
ASKER
This has still not solved my problem.
The code for loginSubmit.jsp is:
<html>
<head><title>Login Submit</title></head>
<%String userName=request.getParame ter("userN ame");%>
<%String password=request.getParame ter("passw ord");%>
<jsp:useBean id="loginSubmitBeanId" scope="page" class="approval.LoginSubmi tBean" />
<jsp:setProperty name="loginSubmitBeanId" property="*" />
<body bgcolor="#ffffff">
<%!
String user;
String dept;
String pwd;
String grade;
%>
<%
user=(String)session.getAt tribute("u ser");
if(user!=null)
{
session.removeAttribute("u ser");
}
dept=(String)session.getAt tribute("d ept");
if(dept!=null)
{
session.removeAttribute("d ept");
}
grade=(String)session.getA ttribute(" grade");
if(grade!=null)
{
session.removeAttribute("g rade");
}
int val=loginSubmitBeanId.auth enticate() ;
if(val==1)
{
user=loginSubmitBeanId.u;
pwd=loginSubmitBeanId.p;
dept=loginSubmitBeanId.dep t;
grade=loginSubmitBeanId.gr ade;
session=request.getSession (true);
session.setAttribute("user ",user);
// session.setAttribute("pwd" ,pwd);
session.setAttribute("dept ",dept);
session.setAttribute("grad e",grade);
// response.sendRedirect("loc alRequest. jsp");
if(grade.equals("3") || grade.equals("1"))
{
response.sendRedirect("men u.jsp");
}
if(grade.equals("2"))
{
response.sendRedirect("adm inMenu.jsp ");
}
}
else
{
response.sendRedirect("log inFailed.j sp");
} %>
</body>
</html>
The code for LoginSubmitBean.java is
package approval;
import java.sql.*;
public class LoginSubmitBean
{
String userName,password;
public String u,p,dept,grade;
Connection con=null;
Statement stmt=null;
ResultSet rs=null;
//Access sample property
public String getUserName()
{
return userName;
}
public void setUserName(String userName)
{
this.userName = userName;
}
public String getPassword()
{
return password;
}
public void setPassword(String password)
{
this.password = password;
}
public int authenticate()
{
try
{
p=" ";
u=" ";
dept=" ";
grade=" ";
Class.forName("org.gjt.mm. mysql.Driv er");
con=DriverManager.getConne ction("jdb c:mysql:// localhost/ a");
stmt=con.createStatement() ;
rs=stmt.executeQuery(" select user_name,password,dept_id ,grade from user_details ");
while( rs.next() )
{
u=rs.getString("user_name" );
p=rs.getString("password") ;
dept=rs.getString("dept_id ");
grade=rs.getString("grade" );
if (u.equalsIgnoreCase(userNa me) && p.equals(password) )
{
return 1;
}
}
return 2;
}
catch(Exception e)
{
System.out.println(" catch of login beans");
return 2;
}
}
}
Even after one user logs out and logs in with a different name then it displays the name of the previous user. This happens only when they both have the same grade otherwise it gives correct results.
The code for loginSubmit.jsp is:
<html>
<head><title>Login Submit</title></head>
<%String userName=request.getParame
<%String password=request.getParame
<jsp:useBean id="loginSubmitBeanId" scope="page" class="approval.LoginSubmi
<jsp:setProperty name="loginSubmitBeanId" property="*" />
<body bgcolor="#ffffff">
<%!
String user;
String dept;
String pwd;
String grade;
%>
<%
user=(String)session.getAt
if(user!=null)
{
session.removeAttribute("u
}
dept=(String)session.getAt
if(dept!=null)
{
session.removeAttribute("d
}
grade=(String)session.getA
if(grade!=null)
{
session.removeAttribute("g
}
int val=loginSubmitBeanId.auth
if(val==1)
{
user=loginSubmitBeanId.u;
pwd=loginSubmitBeanId.p;
dept=loginSubmitBeanId.dep
grade=loginSubmitBeanId.gr
session=request.getSession
session.setAttribute("user
// session.setAttribute("pwd"
session.setAttribute("dept
session.setAttribute("grad
// response.sendRedirect("loc
if(grade.equals("3") || grade.equals("1"))
{
response.sendRedirect("men
}
if(grade.equals("2"))
{
response.sendRedirect("adm
}
}
else
{
response.sendRedirect("log
} %>
</body>
</html>
The code for LoginSubmitBean.java is
package approval;
import java.sql.*;
public class LoginSubmitBean
{
String userName,password;
public String u,p,dept,grade;
Connection con=null;
Statement stmt=null;
ResultSet rs=null;
//Access sample property
public String getUserName()
{
return userName;
}
public void setUserName(String userName)
{
this.userName = userName;
}
public String getPassword()
{
return password;
}
public void setPassword(String password)
{
this.password = password;
}
public int authenticate()
{
try
{
p=" ";
u=" ";
dept=" ";
grade=" ";
Class.forName("org.gjt.mm.
con=DriverManager.getConne
stmt=con.createStatement()
rs=stmt.executeQuery(" select user_name,password,dept_id
while( rs.next() )
{
u=rs.getString("user_name"
p=rs.getString("password")
dept=rs.getString("dept_id
grade=rs.getString("grade"
if (u.equalsIgnoreCase(userNa
{
return 1;
}
}
return 2;
}
catch(Exception e)
{
System.out.println(" catch of login beans");
return 2;
}
}
}
Even after one user logs out and logs in with a different name then it displays the name of the previous user. This happens only when they both have the same grade otherwise it gives correct results.
ASKER
The application is deployed on linux. This problem doesn't arise when the application is deployed on windows
it could be problem with browser cache
do one thing
put the following code in chearcache.inc and include it in all JSPs
<HEAD>
<META Http-Equiv="Cache-Control" Content="no-cache">
<META Http-Equiv="Pragma" Content="no-cache">
<META Http-Equiv="Expires" Content="0">
<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
<META HTTP-EQUIV="EXPIRES" CONTENT="0">
<%response.setHeader("Cach e-Control" ,"no-cache ");respons e.setDateH eader("Exp ires",0);r esponse.se tHeader("P ragma","No -cache");r esponse.se tHeader("C ACHE-CONTR OL","NO-CA CHE");resp onse.setDa teHeader(" EXPIRES",0 );response .setHeader ("PRAGMA", "NO-CACHE" );%>
<META HTTP-EQUIV="EXPIRES" CONTENT="0">
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CHACHE">
</HEAD>
and take care that it should be at top and bottom of your html
i.e
<%@ page include="clearcache.inc %">
<html>
other html stuff
</html>
<%@ page include="clearcache.inc %">
do one thing
put the following code in chearcache.inc and include it in all JSPs
<HEAD>
<META Http-Equiv="Cache-Control"
<META Http-Equiv="Pragma" Content="no-cache">
<META Http-Equiv="Expires" Content="0">
<META HTTP-EQUIV="CACHE-CONTROL"
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
<META HTTP-EQUIV="EXPIRES" CONTENT="0">
<%response.setHeader("Cach
<META HTTP-EQUIV="EXPIRES" CONTENT="0">
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CHACHE">
</HEAD>
and take care that it should be at top and bottom of your html
i.e
<%@ page include="clearcache.inc %">
<html>
other html stuff
</html>
<%@ page include="clearcache.inc %">
and one more thing you need to do is
rs=stmt.executeQuery(" select user_name,password,dept_id ,grade from user_details ");
modify the above statement to
rs=stmt.executeQuery(" select user_name,password,dept_id ,grade from user_details where to_upper(user_name)='"+use rName.toUp per()+"' and password='"+password+"'");
may be database side and jsp side uppercase methods are wrong. put appropriate methods there
rs=stmt.executeQuery(" select user_name,password,dept_id
modify the above statement to
rs=stmt.executeQuery(" select user_name,password,dept_id
may be database side and jsp side uppercase methods are wrong. put appropriate methods there
and one more thing you need to do is
change the code like this in bean
public class LoginSubmitBean
{
private String userName,password;
private String u,p,dept,grade;
private Connection con=null;
private Statement stmt=null;
private ResultSet rs=null;
}
and access the information like this
bean.getUser() and bla bla bla
change the code like this in bean
public class LoginSubmitBean
{
private String userName,password;
private String u,p,dept,grade;
private Connection con=null;
private Statement stmt=null;
private ResultSet rs=null;
}
and access the information like this
bean.getUser() and bla bla bla
and one more thing you need to do in bean is
int flag=2; //initialise at starting of your method execution
if (u.equalsIgnoreCase(userNa me) && p.equals(password) )
{
flag=1;
}
}
flag=2;
}
catch(Exception e)
{
System.out.println(" catch of login beans");
flag=2;
}
close(con,stmt,rs);
return flag;
private satic void close(Connection c, Statement s, Resulset r)
{
try
{
if(r!=null) r.close(); if(s!=null) s.close(); if(c!=null) c.close();
}
catch(Exception ex)
{
}
}
int flag=2; //initialise at starting of your method execution
if (u.equalsIgnoreCase(userNa
{
flag=1;
}
}
flag=2;
}
catch(Exception e)
{
System.out.println(" catch of login beans");
flag=2;
}
close(con,stmt,rs);
return flag;
private satic void close(Connection c, Statement s, Resulset r)
{
try
{
if(r!=null) r.close(); if(s!=null) s.close(); if(c!=null) c.close();
}
catch(Exception ex)
{
}
}
ASKER
Still doesn't solve the problem
ASKER
I can't get the private variables work. If I declare them private they r not accessible from jsp page.
Suggestion:
and access the information like this bean.getUser() and bla bla bla
Comment: But even in the code I have shown I am using bean.getUser() etc.
Suggestion:
and access the information like this bean.getUser() and bla bla bla
Comment: But even in the code I have shown I am using bean.getUser() etc.
ASKER
This problem is only coming when the application is deployed in Linux. There is no such problem with windows.
>> if (u.equalsIgnoreCase(userNa me) && p.equals(password) )
>> {
>> flag=1;
>> }
>> }
>> flag=2;
sudhakar_koundinya, that's wrong, it end up with flag=2 always.
>> user=loginSubmitBeanId.u;
steven, shouldn't it be:
user = loginSubmitBeanId.getUserN ame();
and try to expire the menu.jsp and addmenu.jsp page.
>> {
>> flag=1;
>> }
>> }
>> flag=2;
sudhakar_koundinya, that's wrong, it end up with flag=2 always.
>> user=loginSubmitBeanId.u;
steven, shouldn't it be:
user = loginSubmitBeanId.getUserN
and try to expire the menu.jsp and addmenu.jsp page.
ASKER
Changed loginSubmitBeanId.u to loginSubmitBean.getUserNam e()
but still doesn't help.
How can I expire menu.jsp ???
but still doesn't help.
How can I expire menu.jsp ???
<% response.setHeader("pragma ", "no-cache");
response.setHeader("Cache- control", "no-cache, no-store, must-revalidate");
response.setHeader("Expire s", "01 Apr 1995 01:10:10 GMT"); %>
response.setHeader("Cache-
response.setHeader("Expire
ASKER
I am already including the file clearcache.inc as suggested by sudhakar_koundinya. Isn't that sufficient??
ASKER
The value that comes out of the bean is the right one. It's the session attribut that refuses to go even when I have used remove attribute.
steven,
i have faced the same problem earlier. session.setAttribute(), session.getAttribute() and session.removeAttribute() just refuse to work sometimes.
I suggest a much better option here.something that has worked for me when i have ported my application from a windows environment to a solaris enviroment. Hope it works for u as well.
Use, session.putValue(),getValu e() and removeValue(). Although depricated it gives 100% success.
So if u have an attribute say "name".
session.putValue("name","D eepak");
session.getValue("name");
When u wanna remove this stuff.
session.putValue("name",nu ll);
session.removeValue("name" );
session.invalidate();
Having said this, assuming that u have put that pragma-no cache code in ur header, u need to make/select one last setting on ur browser.
tools >> internet options >> settings >> every visit to the page.
Lemme know how it goes...
i have faced the same problem earlier. session.setAttribute(), session.getAttribute() and session.removeAttribute() just refuse to work sometimes.
I suggest a much better option here.something that has worked for me when i have ported my application from a windows environment to a solaris enviroment. Hope it works for u as well.
Use, session.putValue(),getValu
So if u have an attribute say "name".
session.putValue("name","D
session.getValue("name");
When u wanna remove this stuff.
session.putValue("name",nu
session.removeValue("name"
session.invalidate();
Having said this, assuming that u have put that pragma-no cache code in ur header, u need to make/select one last setting on ur browser.
tools >> internet options >> settings >> every visit to the page.
Lemme know how it goes...
ASKER
Even this doesn't work
ASKER
Its very strange. On some pages it shows the correct session value, on others it shows the previous users value.
How can one session variable store 2 different values at the same time???
How can one session variable store 2 different values at the same time???
ASKER
Its very strange. On some pages it shows the correct session value, on others it shows the previous users value.
How can one session variable store 2 different values in the same session????
How can one session variable store 2 different values in the same session????
ASKER
this is so trouble some!
Plz give some more suggestions.
Plz give some more suggestions.
Strange,
I have n't faced any problem using session.putAttribute or session.getAttribute
:-(
I have n't faced any problem using session.putAttribute or session.getAttribute
:-(
one more suggestion
though it is not necessary, just we try for this also
you are saying session=request.getSession (true);
temperorly comment this code , as you are invalidating the session in logout page
though it is not necessary, just we try for this also
you are saying session=request.getSession
temperorly comment this code , as you are invalidating the session in logout page
if the above doesn't work
do like this
if(session==null)
{
session=request.getSession (true);
}
do like this
if(session==null)
{
session=request.getSession
}
ASKER
Thanks for ur reply Sudhakar.
Are u using Linux?
This problem comes only in Linux and not in windows. Even deepak had this problem in Solaris.
Wonder what's the reason
;)
Are u using Linux?
This problem comes only in Linux and not in windows. Even deepak had this problem in Solaris.
Wonder what's the reason
;)
ASKER
Done that already, Sudhakar
even with putValue also i am not facing any problem
yes i am testing the sessions in both environments win2000 and redhat linux 7.1
ASKER
GOD HELP
>> Its very strange. On some pages it shows the correct session value, on others it shows the previous users value.
How can one session variable store 2 different values at the same time???
i want to see the code snippets of both pages, if you have no problem with that :-)
How can one session variable store 2 different values at the same time???
i want to see the code snippets of both pages, if you have no problem with that :-)
ASKER
After Deepak's suggestion I changed to put and get values but the same problem is with get and set attributes. Here the code i am showing has put and get.
Here is the login page.
loginSubmit.jsp
<%@ include file="clearcache.inc" %>
<html>
<head><title>Login Submit</title></head>
<%String userName=request.getParame ter("userN ame");%>
<%String password=request.getParame ter("passw ord");%>
<jsp:useBean id="loginSubmitBeanId" scope="page" class="approval.LoginSubmi tBean" />
<jsp:setProperty name="loginSubmitBeanId" property="*" />
<body bgcolor="#ffffff">
<%!
String user;
String dept;
String pwd;
String grade;
%>
<%
session.putValue("user",nu ll);
session.removeValue("user" );
session.putValue("dept",nu ll);
session.removeValue("dept" );
session.putValue("grade",n ull);
session.removeValue("grade ");
int val=loginSubmitBeanId.auth enticate() ;
if(val==1)
{
// user=loginSubmitBeanId.u;
user=loginSubmitBeanId.get UserName() ;
pwd=loginSubmitBeanId.getP assword();
dept=loginSubmitBeanId.dep t;
grade=loginSubmitBeanId.gr ade;
session=request.getSession ();
session.putValue("user",us er);
session.putValue("dept",de pt);
session.putValue("grade",g rade);
if(grade.equals("3") || grade.equals("1"))
{
response.sendRedirect("men u.jsp");
}
if(grade.equals("2"))
{
response.sendRedirect("adm inMenu.jsp ");
}
}
else
{
response.sendRedirect("log inFailed.j sp");
} %>
</body>
</html>
<%@ include file="clearcache.inc" %>
-------------------------- ---------- ---------- ---------- ---------- ---------- -------
And here goes LoginSubmitBean.java
package approval;
import java.sql.*;
public class LoginSubmitBean
{
private String userName,password;
public String u,p,dept,grade;
private Connection con=null;
private Statement stmt=null;
private ResultSet rs=null;
public String getUserName()
{
return userName;
}
public void setUserName(String userName)
{
this.userName = userName;
}
public String getPassword()
{
return password;
}
public void setPassword(String password)
{
this.password = password;
}
public int authenticate()
{
int flag=2;
try
{
p=" ";
u=" ";
dept=" ";
grade=" ";
Class.forName("org.gjt.mm. mysql.Driv er");
con=DriverManager.getConne ction("jdb c:mysql:// localhost/ a");
stmt=con.createStatement() ;
rs=stmt.executeQuery("SELE CT user_name,password,dept_id ,grade FROM user_details WHERE upper(user_name)='"+userNa me.toUpper Case()+"' and password='"+password+"'");
while( rs.next() )
{
u=rs.getString("user_name" );
p=rs.getString("password") ;
dept=rs.getString("dept_id ");
grade=rs.getString("grade" );
if (u.equalsIgnoreCase(userNa me) && p.equals(password) )
{
flag=1;
// return flag;
}
}
}
catch(Exception e)
{
System.out.println(" catch of login beans");
flag=2;
}
close(con,stmt,rs);
return flag;
}
private static void close(Connection c, Statement s, ResultSet r)
{
try
{
if(r!=null){ r.close();}
if(s!=null){ s.close();}
if(c!=null){ c.close();}
}
catch(Exception ex)
{
}
}
}
-------------------------- ---------- ---------- ---------- ---------- -----
Here is the menu.jsp page where the name of user is displayed and it displays out to be the current one.
<% response.setHeader("pragma ", "no-cache");
response.setHeader("Cache- control", "no-cache, no-store, must-revalidate");
response.setHeader("Expire s", "01 Apr 1995 01:10:10 GMT"); %>
<%@ include file="clearcache.inc" %>
<%@ page language="java" import="java.sql.*" %>
<html>
<head>
<title>Menu</title>
</head>
<body>
<%
String user=(String)session.getVa lue("user" );
String dept=(String)session.getVa lue("dept" );
Class.forName("org.gjt.mm. mysql.Driv er").newIn stance();
Connection con=DriverManager.getConne ction("jdb c:mysql:// localhost/ a");
Statement stmt=con.createStatement() ;
ResultSet rs= stmt.executeQuery("SELECT dept_name FROM dept WHERE dept_id='"+dept+"' ");
rs.next();
String dept_name = rs.getString("dept_name");
%>
</tr>
<tr><td align="center" ><u><font color=red><b>Welcome</B></ font></u>
<p> User: <font color="#000080"><b><i>&nbs p; <% =user%></i ></b></fon t>
<p>Dept:<font color="#000080"><b><i>&nbs p;<%=dept_ name%></i> </b></font ></td></tr >
</table>
</td>
</tr>
</table>
</body>
</html>
-------------------------- ---------- ---------- ---------- ---------- ---------
Here is another page inbox.jsp which displays user name of previous session.
inbox.jsp
<%@ page import="java.util.*" %>
<meta http-equiv="Page-Enter" content="revealtrans(durat ion=1,tran sition=8)" >
<html>
<head>
<META HTTP-EQUIV="Content-Style- Type" CONTENT="text-css" >
<LINK REL="STYLESHEET" HREF="cssApproval.css" >
</head>
<%!
ResultSet rs = null;
Statement stmt = null;
int count=0;
int ctr = 0;
String indentno;
String itemno;
%>
<%@ include file="db.jsp" %>
<body bgcolor="#ffffff">
<% if(request.isRequestedSess ionIdValid () )
{
%>
<jsp:include page="menu1.jsp" />
<%
String user=(String)session.getVa lue("user" );
stmt = con.createStatement();
%>
<FORM NAME="form1">
<TABLE width="100%" class=tableMain>
<thead>
<TR>
<TD COLSPAN=5 align=center>Inbox of <%=user%></TD>
</TR>
<TR>
<TH class=tableHead><a href="#" onclick="TableSort('invent ory1', 0, 'n')">Indent No</a></TH>
<TH class=tableHead><a href="#" onclick="TableSort('invent ory1', 1, 'ai')">Send By</a></TH>
<TH class=tableHead><a href="#" onclick="TableSort('invent ory1', 2, 'de')">Date</a></TH>
<TH class=tableHead><a href="#" onclick="TableSort('invent ory1', 3, 'ai')">Dept</a></TH>
<TH class=tableHead><a href="#" onclick="TableSort('invent ory1', 4, 'ai')">Remarks</a></TH>
</TR>
</thead>
<tbody id="inventory1">
<%
ctr=0;
rs=stmt.executeQuery("SELE CT indentNo, user, currentDate,dept.dept_name FROM approval.indent,a.dept WHERE indent.dept = dept.dept_id AND indent.sendTo='"+user+"'") ;
while(rs.next())
{
indentno = rs.getString("indentNo");
ctr++;
%>
<TR>
<TD class=tdMain><%=indentno%> </TD>
<TD class=tdMain><%=rs.getStri ng("user") %></TD>
<TD class=tdMain><%=rs.getStri ng("curren tDate")%>< /TD>
<TD class=tdMain><%=rs.getStri ng("dept_n ame")%></T D>
<TD class=tdMain>Add</TD>
<TD class=tdMain><a href="details.jsp?indentNo =<%=indent no%>">Deta ils</a></T D>
</TR>
<%
}
rs=stmt.executeQuery("SELE CT indentno, itemno, user, currentDate,dept.dept_name FROM approval.tempcloseditems, a.dept WHERE tempcloseditems.dept = dept.dept_id AND visibility=1");
while(rs.next())
{
ctr++;
indentno = rs.getString("indentno");
itemno = rs.getString("itemno");
%>
<TR>
<TD class=tdMain><%=indentno%> </TD>
<TD class=tdMain><%=rs.getStri ng("user") %></TD>
<TD class=tdMain><%=rs.getStri ng("curren tDate")%>< /TD>
<TD class=tdMain><%=rs.getStri ng("dept_n ame")%></T D>
<TD class=tdMain>Received</TD>
<TD class=tdMain><a href="detailsReceived.jsp? indentNo=< %=indentno %>&itemNo= <%=itemno%>">Details</a></ TD>
</TR>
<%
}
if(ctr==0)
{ %>
<TR><TD COLSPAN=5 align=center>No Records To Display</TD></TR>
<% }
%>
</tbody>
</TABLE>
</form>
<%}
else { %> <center>
<H3>NOT A VALID SESSION
<BR>PLEASE <a href="index.html">click here</a>TO LOG IN
<% } %>
</body>
</html>
-------------------------- ---------- ---------- ---------- ---------
Another thing I'd like to mention here.
I have given grades to every user. The problem arises if the grades of both the users are same not when the grades are different.
Take for example.
First user andrew logs in and his grade is 1.
He logs out and then sohan logs in his grade is also 1. Now in inbox.jsp it will display "Inbox of Andrew" although in the menu.jsp it'll display "Welcome Sohan".
But instead of Sohan if Joe logs in and his grade is 2, correct results will be disaplyed in all the pages.
No such problem arises in window its only when app is deployed in Linux
Here is the login page.
loginSubmit.jsp
<%@ include file="clearcache.inc" %>
<html>
<head><title>Login Submit</title></head>
<%String userName=request.getParame
<%String password=request.getParame
<jsp:useBean id="loginSubmitBeanId" scope="page" class="approval.LoginSubmi
<jsp:setProperty name="loginSubmitBeanId" property="*" />
<body bgcolor="#ffffff">
<%!
String user;
String dept;
String pwd;
String grade;
%>
<%
session.putValue("user",nu
session.removeValue("user"
session.putValue("dept",nu
session.removeValue("dept"
session.putValue("grade",n
session.removeValue("grade
int val=loginSubmitBeanId.auth
if(val==1)
{
// user=loginSubmitBeanId.u;
user=loginSubmitBeanId.get
pwd=loginSubmitBeanId.getP
dept=loginSubmitBeanId.dep
grade=loginSubmitBeanId.gr
session=request.getSession
session.putValue("user",us
session.putValue("dept",de
session.putValue("grade",g
if(grade.equals("3") || grade.equals("1"))
{
response.sendRedirect("men
}
if(grade.equals("2"))
{
response.sendRedirect("adm
}
}
else
{
response.sendRedirect("log
} %>
</body>
</html>
<%@ include file="clearcache.inc" %>
--------------------------
And here goes LoginSubmitBean.java
package approval;
import java.sql.*;
public class LoginSubmitBean
{
private String userName,password;
public String u,p,dept,grade;
private Connection con=null;
private Statement stmt=null;
private ResultSet rs=null;
public String getUserName()
{
return userName;
}
public void setUserName(String userName)
{
this.userName = userName;
}
public String getPassword()
{
return password;
}
public void setPassword(String password)
{
this.password = password;
}
public int authenticate()
{
int flag=2;
try
{
p=" ";
u=" ";
dept=" ";
grade=" ";
Class.forName("org.gjt.mm.
con=DriverManager.getConne
stmt=con.createStatement()
rs=stmt.executeQuery("SELE
while( rs.next() )
{
u=rs.getString("user_name"
p=rs.getString("password")
dept=rs.getString("dept_id
grade=rs.getString("grade"
if (u.equalsIgnoreCase(userNa
{
flag=1;
// return flag;
}
}
}
catch(Exception e)
{
System.out.println(" catch of login beans");
flag=2;
}
close(con,stmt,rs);
return flag;
}
private static void close(Connection c, Statement s, ResultSet r)
{
try
{
if(r!=null){ r.close();}
if(s!=null){ s.close();}
if(c!=null){ c.close();}
}
catch(Exception ex)
{
}
}
}
--------------------------
Here is the menu.jsp page where the name of user is displayed and it displays out to be the current one.
<% response.setHeader("pragma
response.setHeader("Cache-
response.setHeader("Expire
<%@ include file="clearcache.inc" %>
<%@ page language="java" import="java.sql.*" %>
<html>
<head>
<title>Menu</title>
</head>
<body>
<%
String user=(String)session.getVa
String dept=(String)session.getVa
Class.forName("org.gjt.mm.
Connection con=DriverManager.getConne
Statement stmt=con.createStatement()
ResultSet rs= stmt.executeQuery("SELECT dept_name FROM dept WHERE dept_id='"+dept+"' ");
rs.next();
String dept_name = rs.getString("dept_name");
%>
</tr>
<tr><td align="center" ><u><font color=red><b>Welcome</B></
<p> User:
<p>Dept:<font color="#000080"><b><i>&nbs
</table>
</td>
</tr>
</table>
</body>
</html>
--------------------------
Here is another page inbox.jsp which displays user name of previous session.
inbox.jsp
<%@ page import="java.util.*" %>
<meta http-equiv="Page-Enter" content="revealtrans(durat
<html>
<head>
<META HTTP-EQUIV="Content-Style-
<LINK REL="STYLESHEET" HREF="cssApproval.css" >
</head>
<%!
ResultSet rs = null;
Statement stmt = null;
int count=0;
int ctr = 0;
String indentno;
String itemno;
%>
<%@ include file="db.jsp" %>
<body bgcolor="#ffffff">
<% if(request.isRequestedSess
{
%>
<jsp:include page="menu1.jsp" />
<%
String user=(String)session.getVa
stmt = con.createStatement();
%>
<FORM NAME="form1">
<TABLE width="100%" class=tableMain>
<thead>
<TR>
<TD COLSPAN=5 align=center>Inbox of <%=user%></TD>
</TR>
<TR>
<TH class=tableHead><a href="#" onclick="TableSort('invent
<TH class=tableHead><a href="#" onclick="TableSort('invent
<TH class=tableHead><a href="#" onclick="TableSort('invent
<TH class=tableHead><a href="#" onclick="TableSort('invent
<TH class=tableHead><a href="#" onclick="TableSort('invent
</TR>
</thead>
<tbody id="inventory1">
<%
ctr=0;
rs=stmt.executeQuery("SELE
while(rs.next())
{
indentno = rs.getString("indentNo");
ctr++;
%>
<TR>
<TD class=tdMain><%=indentno%>
<TD class=tdMain><%=rs.getStri
<TD class=tdMain><%=rs.getStri
<TD class=tdMain><%=rs.getStri
<TD class=tdMain>Add</TD>
<TD class=tdMain><a href="details.jsp?indentNo
</TR>
<%
}
rs=stmt.executeQuery("SELE
while(rs.next())
{
ctr++;
indentno = rs.getString("indentno");
itemno = rs.getString("itemno");
%>
<TR>
<TD class=tdMain><%=indentno%>
<TD class=tdMain><%=rs.getStri
<TD class=tdMain><%=rs.getStri
<TD class=tdMain><%=rs.getStri
<TD class=tdMain>Received</TD>
<TD class=tdMain><a href="detailsReceived.jsp?
</TR>
<%
}
if(ctr==0)
{ %>
<TR><TD COLSPAN=5 align=center>No Records To Display</TD></TR>
<% }
%>
</tbody>
</TABLE>
</form>
<%}
else { %> <center>
<H3>NOT A VALID SESSION
<BR>PLEASE <a href="index.html">click here</a>TO LOG IN
<% } %>
</body>
</html>
--------------------------
Another thing I'd like to mention here.
I have given grades to every user. The problem arises if the grades of both the users are same not when the grades are different.
Take for example.
First user andrew logs in and his grade is 1.
He logs out and then sohan logs in his grade is also 1. Now in inbox.jsp it will display "Inbox of Andrew" although in the menu.jsp it'll display "Welcome Sohan".
But instead of Sohan if Joe logs in and his grade is 2, correct results will be disaplyed in all the pages.
No such problem arises in window its only when app is deployed in Linux
i have n't find <%@ include file="clearcache.inc" %> in inbox.jsp
try to put that and let me know
regards
try to put that and let me know
regards
ASKER
here is the code for logout.jsp
<%@ page language="java" import="java.sql.*" %>
<%@ include file="clearcache.inc" %>
<HTML>
<BODY>
<CENTER>
<%
session.putValue("user",nu ll);
session.removeValue("user" );
session.putValue("dept",nu ll);
session.removeValue("dept" );
session.putValue("grade",n ull);
session.removeValue("grade ");
session.invalidate();
response.sendRedirect("ind ex.html");
%>
</BODY>
</HTML>
<%@ page language="java" import="java.sql.*" %>
<%@ include file="clearcache.inc" %>
<HTML>
<BODY>
<CENTER>
<%
session.putValue("user",nu
session.removeValue("user"
session.putValue("dept",nu
session.removeValue("dept"
session.putValue("grade",n
session.removeValue("grade
session.invalidate();
response.sendRedirect("ind
%>
</BODY>
</HTML>
IF THE ABOVE WORKS MEANS CHANGE THE CODE TO SETATTRIBUTE METHODS AND TEST AGAIN AS PUTVALUE METHODS ARE DEPRICATED
AS SUGGESTED PREVIOUSLY PUT THE INCLUDE STATEMENT AT THE TOP AND BOTTOM OF HTML CODE IN INBOX.JSP
HELLO,
is that new suggestion helps you?
is that new suggestion helps you?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hey that does it.
Thanks a lot. u r gr8.
Finally its done.
U deserve more than 390 points but that is all i have at the moment.
;)
Thanks to everyone who participated in the discussion.
Thanks a lot. u r gr8.
Finally its done.
U deserve more than 390 points but that is all i have at the moment.
;)
Thanks to everyone who participated in the discussion.
Great :-)
<%
String user=(String)session.getAt
if(user!=null)
session.removeAttribute("u
session.setAttribute("user
%>
in logoutpage
<%
session.removeAttribute("u
session.invalidate();
%>
simple logic and other checkings like isValidSession and bla bla bla are not required