Help creating a Login servlet

This is a chunk of my code from my LoginServlet.java:

      public void printLoginTable(PrintWriter out)

      {
            

            out.println("<h2>Login</h2>");
            out.println("<FORM METHOD=POST ACTION="/com/wrox/servlet/Authenticate1">");
            out.println("ID: <INPUT TYPE=TEXT NAME=uid SIZE=20><BR>");
            out.println("Password: <INPUT TYPE=PASSWORD NAME=pw SIZE=20><BR>");
            out.println("<P><INPUT TYPE=SUBMIT>");
            out.println("</FORM>");
              String userId = req.getParameter("uid");
              String password = req.getParameter("pw");
                bool validated = validate(userId,password);
                if(validated)
                 {
                           printLogged(out);
                 }
                 else
                 {
                          out.println("INVALID");
                          //then go back to some other page...
                 }
      }

basically its purpose is to create the HTML form to take in a user id and password, then the last two lines are supposed to take those two parameters and process those strings elsewhere. Am i doing this correctly?  I'm guessing not because i have to worry about the "onclick" action of an html form...but how do i make my req.getParameter wait for onclick? Or am i totally off?
jinduyAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

CEHJCommented:
Your main problem is a logical one. What you're doing is simultaneously creating a form to allow the user to log in and behaving as if a login has already taken place. If you are only just creating the form, how can

>>String userId = req.getParameter("uid");

be anything other than null, unless the login *has* taken place? And if it has, why print the login form?

What you should be doing is either using two different pages - one to print the form and another to receive it, or, if you're using the same page/servlet, you should be either printing the form or processing it, but not both.

You should really save the login in the session, so if you can't find it in the session, you know the user has to log in and you can print the login form.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
lapchernCommented:
oh yeah... userID will always be null =(


can you please elaborate more on saving the "login in the session..."

how do i save the login in a session? Do u mean saving the username of the login in the session? Thanks
jinduyAuthor Commented:
oops i replied with my lab partner's login just now...so yeah...
CEHJCommented:
>>Do u mean saving the username of the login in the session?

Yes.

requestion.getSession().setAttribute("username", username);
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java EE

From novice to tech pro — start learning today.