Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 638
  • Last Modified:

Help creating a Login servlet

This is a chunk of my code from my LoginServlet.java:

      public void printLoginTable(PrintWriter out)

      {
            

            out.println("<h2>Login</h2>");
            out.println("<FORM METHOD=POST ACTION="/com/wrox/servlet/Authenticate1">");
            out.println("ID: <INPUT TYPE=TEXT NAME=uid SIZE=20><BR>");
            out.println("Password: <INPUT TYPE=PASSWORD NAME=pw SIZE=20><BR>");
            out.println("<P><INPUT TYPE=SUBMIT>");
            out.println("</FORM>");
              String userId = req.getParameter("uid");
              String password = req.getParameter("pw");
                bool validated = validate(userId,password);
                if(validated)
                 {
                           printLogged(out);
                 }
                 else
                 {
                          out.println("INVALID");
                          //then go back to some other page...
                 }
      }

basically its purpose is to create the HTML form to take in a user id and password, then the last two lines are supposed to take those two parameters and process those strings elsewhere. Am i doing this correctly?  I'm guessing not because i have to worry about the "onclick" action of an html form...but how do i make my req.getParameter wait for onclick? Or am i totally off?
0
jinduy
Asked:
jinduy
  • 2
1 Solution
 
CEHJCommented:
Your main problem is a logical one. What you're doing is simultaneously creating a form to allow the user to log in and behaving as if a login has already taken place. If you are only just creating the form, how can

>>String userId = req.getParameter("uid");

be anything other than null, unless the login *has* taken place? And if it has, why print the login form?

What you should be doing is either using two different pages - one to print the form and another to receive it, or, if you're using the same page/servlet, you should be either printing the form or processing it, but not both.

You should really save the login in the session, so if you can't find it in the session, you know the user has to log in and you can print the login form.


0
 
lapchernCommented:
oh yeah... userID will always be null =(


can you please elaborate more on saving the "login in the session..."

how do i save the login in a session? Do u mean saving the username of the login in the session? Thanks
0
 
jinduyAuthor Commented:
oops i replied with my lab partner's login just now...so yeah...
0
 
CEHJCommented:
>>Do u mean saving the username of the login in the session?

Yes.

requestion.getSession().setAttribute("username", username);
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now