Login authentication against Oracle database using jdeveloper technology.

Hello everybody,

I am using Jdeveloper 10.1.2 to write a web application which allows users to login to it if their account (user name/password) exists within my "users" table in an Oracle database 10g. I have the database up and running and the "users" table already exist and is populated with some (usernames and passwords).  My question/challenge is to provide the visitors of my site with a way for them to input their user name and password and if both user name and password matches the user name and password store in the database the visitor should be presented with my welcome page and if not they must be redirected to my error page.  So my question is how can I get this authentication against the database working?  I don't have much knowledge as far as how the authentication process goes so I am stuck at the very beginning!

I will greatly appreciate any body's help!

Thank you in advance.
tadeu_lbcAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

suprapto45Commented:
Hi,

As you post this in JSP forum, do you want to find the solution in JSP?

Regards
Dave
suprapto45Commented:
Hi,

I am not pretty sure about JDeveloper but if you want to have the JSP / J2EE solution, you may consider other IDE such as Eclipse, IBM WebSphere or etc. In addition, to run your JSP, you need to have Application Server that supports JSP/Servlet container such as Tomcat, WebSphere, Bea or etc.

Please let me know if you have additional questions.

Regards
Dave
suprapto45Commented:
Ah I am so sorry,

JDeveloper is similar to WebSphere and Bea WebLogic, I am so sorry.

Well, let me try to explain you some authentication process. First, I think that you need Servlet to do the authentication so that in your JSP (called it login.jsp), there is something like <form action="/ValidateLogin" method="post">. In this case, your servlet name would be ValidateLogin.

As you know, Servlet has the capability to redirect you to some pages. So, my solution would be like

----Your Servlet----

String username = new String();
if(request.getParameter("username") != null)
    username = request.getParameter("username").toString();

String passw = new String();
if(request.getParameter("passw") != null)
    passw = request.getParameter("passw").toString();

if(checkUserNameAndPassw(username, passw) == true)
{
    // Put the value that the user has logged in to Session
    HttpSession sess = request.getSession();
    sess.setAttribute("login", "true");
    response.sendRedirect("success.jsp");
}
else
{
    response.sendRedirect("fail.jsp");
}

Please remember that you need to have some mechanism for checking whether the user has logged in or not if the user directly typed in the URL. You may use servlet filter here or alternatively, you may check it in each of your JSP.

I hope that helps.

Regards
Dave
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

tadeu_lbcAuthor Commented:
Thank you Dave for your comments!

Let me clarify myself a little bit!  For this project I must use Jdeveloper and I also want to let you know that on the database side everything is working properly!  That being said I want to let you know that I am relatively new to JEE2 and I was a bit confuse with your last comment!  I guess my question on your last comment is if the Servlet is looking inside of my table "users" from the database in order to see if the users exist within the database in order to redirect them to the welcome page!  Again my question is how to get the authentication done by looking in the database table named: “users”!

Thank you very much and sorry if I wasn't clear enough the first time!

PS: I am giving you 500 points for this!

Thanks again!
suprapto45Commented:
Hi,

>>" For this project I must use Jdeveloper"
Do not worry, either you use JDeveloper, Bea WebLogic or etc, the final product will be similar.

>>"Servlet is looking inside of my table "users" from the database in order to see if the users exist within the database in order to redirect them to the welcome page!"
Yes, you are absolutely correct.

Okay, can you connect yourself to database now from your Java pages?

Regards
Dave
suprapto45Commented:
Normally, I used Tomcat and Eclipse. However, the concept should be the same as the underlying technology is same.

Regards
Dave
tadeu_lbcAuthor Commented:
Dave,

Yes I can connect to the database and I will be deploying this app to an Oracle application server 10g!  So, by implementing this servlet I should be able to have the authentication working???

Thank you very much!
suprapto45Commented:
Hi,

>>"Yes I can connect to the database and I will be deploying this app to an Oracle application server 10g!"
Perfect

The thing that you have to do now is that, you have two choices. First, either you call the DB from your JSP directly (not good programming style) or you use Servlet to check the DB.

Okay, please have a look at this URL.
http://www.cs.bham.ac.uk/~tmw/servlet_tutorial/helloworld.shtml
http://www.novocode.com/doc/servlet-essentials/chapter2a.html

Can you print the HelloWorld out?

Regards
Dave
tadeu_lbcAuthor Commented:
Yes, I printed both of them out!
suprapto45Commented:
Okay,

now, can you try to print something out from your DB (from any table) into your Hello World?

You are almost there ;)

Regards
Dave
tadeu_lbcAuthor Commented:
Hey Dave,

You are very helpful....  I am looking at this URL you sent me and trying to get them to work!

I will write you back as soon as I (get it working/don't get it working).

thank you so much!
suprapto45Commented:
Okay,

>>"You are very helpful"
No worries

Try to create the Servlet or at least a simple JSP to work. The next step, try to include some of your data from database to be displayed in your Servlet or JSP. If you can see the value of your data from database in the Servlet or JSP, you are done, what you need to do is to check whether the username and password is the same or not and BINGO!

I will go to bed within half n hours so if you need considerable amount of time, I will try to help you by tommorow.

Good luck.

Regards
Dave

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tadeu_lbcAuthor Commented:
OK, so before you go to bed....  :)

Could you please give some sample url like the ones you sent before or some guidence on how to:
>>what you need to do is to check whether the username and password is the same or not and BINGO!
 
If you tired we can resume tomorrow.  have a good sleep!

and thank you again for all your help!

Regards
Huber
suprapto45Commented:
Hi Huber,

Thanks for accepting but why you do so? I have not fully answered your question.

I will look at the URL and let you know.

Regards
Dave
tadeu_lbcAuthor Commented:
I just thought I would reward you for being so helpful and I know that you are still going to help me because you sounds very nice!.....  :)
suprapto45Commented:
Hi Huber,

>>"I just thought I would reward you for being so helpful and I know that you are still going to help me because you sounds very nice!.....  :)"
Thanks

>>"I will be deploying this app to an Oracle application server 10g"
If I am not mistaken, you have to set the datasource to connect to Oracle. Please have a look at the URL below on how to configure it on Oracle app server.

http://www.experts-exchange.com/Web/Application_Servers/Q_20564977.html

Then if you look on what vzilka mention on how to call the datasource.

>>"2. Then, your get the data-source through a lookup operation on the InitialContext object.
Try this line:
InitialContext ic = new InitialContext();
Since you are using the data-source through a servlet, you don't need to specify parameters for the InitialContext object.
Then do this:
DataSource ds = (javax.sql.DataSource)ic.lookup("jdbc/OracleDS");
(Assuming this is the name of your DataSource)."

Put this either in your JSP or Servlet. Then, you can start to talk to your database by

Connection conn = null;
PreparedStatement pstmt = null;
ResultSet rs= null;

try
{
    InitialContext ic = new InitialContext();
    DataSource ds = (javax.sql.DataSource)ic.lookup("jdbc/OracleDS");

    conn = ds.getConnection();
    String sql = "select username, passw from users where user = ? and passw = ?";

    pstmt = conn.prepareStatement(sql);
    pstmt.setString(1, "youruserfromJSP");
    pstmt.setString(2, "yourpasswordfromJSP");
   
    rs = pstmt.executeQuery();
 
    if(rs.next())
    {
        // Login success, put all the redirect here and everything
    }
    else
    {
        // Login fail
    }
}
catch(Exception e)
{
    e.printStackTrace();
}
finally
{
    // Clean up codes here
}

Now, if you see, if you can run your Servlet, you can put all the above codes and you are 70% done. Please do not hesitate to ask questions before I leave.

Regards
Dave
tadeu_lbcAuthor Commented:
Dave,

Thanks again!

I will play with all this information you just gave!  I don't want to keep you up so, let's leave here for today and tomorrow I start sending comments again, hopefully to tell you that everything works, or I ask another question or 2!

Thank you so much and have a good sleep!

Talk to you tomorrow!

Happy 4th!

Regards
Huber!
suprapto45Commented:
Okay,

You can delete the other questions that you put on the Java forum and get the points refunded.

Good luck
NP: You just need to learn the concept. JSP <-> Servlet <-> DB. The username and password checking is on your Servlet and it is using DataSource to get the connection to DB.

Happy 4th too!

Regards
Dave
tadeu_lbcAuthor Commented:
Hey Dave, how are you doing?

I am well, except I was not able to get the whole thing to work! ):  I tryed a lot on my own but I am getting a little fustrated, I am getting to many erros and the majority of the time I don't even know what's goign on and then I spend about 2 hours to debug, and then there is more, besides my dead line is getting closer.... anyway, you get the picture right!?

Let me try to explain what's going on!

As in right now I have 3 pages and one action in my struts and thy are: (login.jsp, failure.jsp, welcome.jsp and the action called "login")

Here is my login.jsp page:

<%@ taglib uri="/WEB-INF/struts-html.tld" prefix="html"%>
<%@ page contentType="text/html;charset=windows-1252"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>untitled</title>
<link href="css/jdeveloper.css" rel="stylesheet" media="screen"/>
</head>
<body>
  <H2>
    <U>Welcome to the employee registration page</U>
  </H2>
  <P>&nbsp;</P>
  <P>&nbsp;</P>
  <H3>
    <U>Please log in!</U>
  </H3>
  <html:form action="login.do">
    <table cellspacing="2" cellpadding="3" border="1" width="46%" height="50">
      <tr>
        <td>User Name:</td>
        <td>
          <input type="text"/>
        </td>
      </tr>
      <tr>
        <td> &nbsp;Password:</td>
        <td>
          <P>
            <input type="password" name="password"/>
          </P>
        </td>
      </tr>
      <tr>
        <td>
          <input type="submit" value="Submit" name="submit"/>
        </td>
        <td>&nbsp;</td>
      </tr>
    </table>
  </html:form>
</body>
</html>
====================================================================================

Then I have my failure.jsp:

<%@ taglib uri="/WEB-INF/struts-html.tld" prefix="html"%>
<%@ taglib uri="/WEB-INF/struts-bean.tld" prefix="bean"%>
<%@ page contentType="text/html;charset=windows-1252"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>untitled</title>
</head>
<body>Login error please try again!
<html:link page="/login.jsp">
  <bean:message key="link.login"/>
</html:link>
</body>
</html>
================================================================

Then a simple welcome.jsp:

Welcome to the registration page!

================================================================

Then the action:

package loginapp.view;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionMapping;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionError;
import org.apache.struts.action.ActionErrors;
import java.io.IOException;
import javax.servlet.ServletException;
import org.apache.struts.action.DynaActionForm;

public class LoginAction extends Action
{
  /**
   * This is the main action called from the Struts framework.
   * @param mapping The ActionMapping used to select this instance.
   * @param form The optional ActionForm bean for this request.
   * @param request The HTTP Request we are processing.
   * @param response The HTTP Response we are processing.
   * @throws javax.servlet.ServletException
   * @throws java.io.IOException
   * @return
   */
  public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
  {
    String password = (String) ((DynaActionForm)form).get("password");
  if (password.equalsIgnoreCase("pine239"))
      {return mapping.findForward("success");}
  else
      {return mapping.findForward("sign_error");}
  }
}
======================================================

I got this to work correct, as you can see the login.jsp is calling the action.  Then the action is just verifying if the password is correct and if so it takes me to the welcome and if not I see the error page with a link back to the login page!  But I am sure you already knew that.  So here is my first question...

1. Should I replace the action code with the servlet you showed to me Sunday in your comment "the servlet itself is right above this comment"?

Thanks!



suprapto45Commented:
No you should not,

Even Struts is more powerful than Servlet. The reason why I gave you the solution in Servlet is because I thought that you are the beginner in Java. However, now, you understand Struts which means that you are quite good in Java.

May I know what are the error messages? Have you configured your struts-config.xml?

Regards
Dave
tadeu_lbcAuthor Commented:
I am a beginner in Java.  I have strtus because Jdeveloper makes it really easy to use it!  Here is what the struts looks like right now!


<?xml version = '1.0' encoding = 'windows-1252'?>
<!DOCTYPE struts-config PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 1.1//EN" "http://jakarta.apache.org/struts/dtds/struts-config_1_1.dtd">
<struts-config>
  <form-beans>
    <form-bean name="login" type="org.apache.struts.action.DynaActionForm">
      <form-property name="password" type="java.lang.String"/>
    </form-bean>
  </form-beans>
  <action-mappings>
    <action name="login" path="/login" type="loginapp.view.LoginAction">
      <forward name="success" path="/reg.jsp"/>
      <forward name="sign_error" path="/failure.jsp"/>
    </action>
  </action-mappings>
  <message-resources parameter="loginapp.view.ApplicationResources"/>
</struts-config>
suprapto45Commented:
Okay,

You are perfect in the structure of Struts thus it may just be a little problem ;)

May I know what are the error messages?

Regards
Dave
tadeu_lbcAuthor Commented:
As it is right now there are no errors.  I was only getting the errors when I tried to implement the servlet code inside of the "action".
Sorry for my lack of knowledge.  So, basically I am stuck here!  All I have done/working are the pages I mentioned and the code inside them!
suprapto45Commented:
Do not worry,

First, in your login.jsp, you have something wrong.
        <td>User Name:</td>
        <td>
          <input type="text" />
        </td>

change it into

        <td>User Name:</td>
        <td>
          <input type="text" name="username"/>
        </td>

Okay,
Now you have

public class LoginAction extends Action
{
  /**
   * This is the main action called from the Struts framework.
   * @param mapping The ActionMapping used to select this instance.
   * @param form The optional ActionForm bean for this request.
   * @param request The HTTP Request we are processing.
   * @param response The HTTP Response we are processing.
   * @throws javax.servlet.ServletException
   * @throws java.io.IOException
   * @return
   */
  public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
  {

String password = (String) ((DynaActionForm)form).get("password");
String username = (String) ((DynaActionForm)form).get("username");

System.out.println("Username = " + username);
System.out.println("Password = " + password);

Connection conn = null;
PreparedStatement pstmt = null;
ResultSet rs= null;

try
{
    InitialContext ic = new InitialContext();
    DataSource ds = (javax.sql.DataSource)ic.lookup("jdbc/OracleDS");  // Change this based on your datasource name

    conn = ds.getConnection();
    String sql = "select username, passw from users where user = ? and passw = ?"; // Change this according your DB

    pstmt = conn.prepareStatement(sql);
    pstmt.setString(1, username);
    pstmt.setString(2, password);
   
    rs = pstmt.executeQuery();
 
    if(rs.next())
    {
        // Login success, put all the redirect here and everything
        return mapping.findForward("success");
    }
    else
    {
        // Login fail
        return mapping.findForward("sign_error");
    }
}
catch(Exception e)
{
    e.printStackTrace();
}
finally
{
    // Clean up codes here
}

}

Does it print the username and password?

Regards
Dave
tadeu_lbcAuthor Commented:
I am going to try....
suprapto45Commented:
I am waiting ;)

Regards
Dave
tadeu_lbcAuthor Commented:
I got an error at this line:

import org.apache.struts.action.DynaActionForm;public class LoginAction extends Action

The error was:

Error(15,81): no interface allowed here
Error(15,55): class LoginAction should be declared abstract; it does not define method putValue(java.lang.String, java.lang.Object) in interface javax.swing.Action
Error(15,55): method <init> not found in interface javax.swing.Action

suprapto45Commented:
Hi,

I think that you need to add your struts-config.xml too
    <form-bean name="login" type="org.apache.struts.action.DynaActionForm">
      <form-property name="password" type="java.lang.String"/>
      <form-property name="username" type="java.lang.String"/>
    </form-bean>

So, after you add all my codes, there are error messages. If you remove them, there is no error message. Am I right?

Can you post your current LoginAction now?

Regards
Dave
tadeu_lbcAuthor Commented:
Hi Dave,  :)

Let me thank you in advance again.....

Here is what it looks like now!

import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import javax.naming.InitialContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;
import javax.swing.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.DynaActionForm;public class LoginAction extends Action
{
  /**
   * This is the main action called from the Struts framework.
   * @param mapping The ActionMapping used to select this instance.
   * @param form The optional ActionForm bean for this request.
   * @param request The HTTP Request we are processing.
   * @param response The HTTP Response we are processing.
   * @throws javax.servlet.ServletException
   * @throws java.io.IOException
   * @return
   */
  public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
  {

String password = (String) ((DynaActionForm)form).get("password");
String username = (String) ((DynaActionForm)form).get("username");

System.out.println("Username = " + username);
System.out.println("Password = " + password);

Connection conn = null;
PreparedStatement pstmt = null;
ResultSet rs= null;

try
{
    InitialContext ic = new InitialContext();
    DataSource ds = (javax.sql.DataSource)ic.lookup("jdbc/toystore");  // Change this based on your datasource name

    conn = ds.getConnection();
    String sql = "select username, password from logon where username = ? and password = ?"; // Change this according your DB

    pstmt = conn.prepareStatement(sql);
    pstmt.setString(1, username);
    pstmt.setString(2, password);
   
    rs = pstmt.executeQuery();
 
    if(rs.next())
    {
        // Login success, put all the redirect here and everything
        return mapping.findForward("success");
    }
    else
    {
        // Login fail
        return mapping.findForward("sign_error");
    }
}
catch(Exception e)
{
    e.printStackTrace();
}
finally
{
    // Clean up codes here
}

}
}
suprapto45Commented:
Hi,

First, I think that your struts-config.xml is not configured properly. Have a look at http://www.reumann.net/struts/lesson3/step5.do for the sample of struts-config.xml. I think that you need to add the name, scope and etc in your action in struts-config.xml.

Why do you have javax.swing.Action? Remove that and change it into import org.apache.struts.action.Action;

Regards
Dave
tadeu_lbcAuthor Commented:
OK,

The only error now is at the very end right before the closing brackets and it say:

}
}

Error(73,1): method does not return a value
suprapto45Commented:
Oh my mistake sorry,

    if(rs.next())
    {
        // Login success, put all the redirect here and everything
        return mapping.findForward("success");
    }
    else
    {
        // Login fail
        return mapping.findForward("sign_error");
    }

    return mapping.findForward("sign_error");

}

Regards
Dave
tadeu_lbcAuthor Commented:
DDDDDDDAAAAAAAAAAAAVVVVVVVVVVVVVEEEEEEEEEEEEEEEEE!!!!!!!!!!!!!!!!!!!!!

It works MAN!

You are the bomb man...

Thank you so much!

Tell me what can I do to reward you????

Any thing!!!
suprapto45Commented:
Hahahaha!

I am glad it works ;)

>>"Tell me what can I do to reward you????"
it is okay, we are here to help.

Okay, now, can I ask the moderator to delete your same question in Java forum? or (you may reward the points to me)...haha no just kidding ;)

Regards
Dave
tadeu_lbcAuthor Commented:
Oh yeah!

The points are gonna go for you!!!!

): ): )P:

I think there is a lil bug!

>>I am giving you the points right now!

Let me try one more thing, before I tell you about the bug!

suprapto45Commented:
>>"I think there is a lil bug!"
Just let me know.

>>"I am giving you the points right now!"
You do not have to anyway. I am here to help not for points ;)

Regards
Dave
tadeu_lbcAuthor Commented:
Yeah, there is a lil problem....

I got all happy thinking that it was working but.....

The username is not even being checked because even if I enter a username that dosen't exist the app still lets me in.
Also, even if there is no username but the right password I can get in!
I think there is some cached information some where because I am using the password that I had staticly put into the old "action" remember?

What do you think it is?
 
suprapto45Commented:
Mmmm...

I am not sure about the cache in Oracle App Server. However, as I printed out the username and password,

System.out.println("Username = " + username);
System.out.println("Password = " + password);

What are the values for them? Is it the same based on what you enter on the fom?

Regards
Dave
tadeu_lbcAuthor Commented:
>>
as I printed out the username and password,

System.out.println("Username = " + username);
System.out.println("Password = " + password);

What are the values for them? Is it the same based on what you enter on the fom?

Sorry but...  How do I even check for that?  The only way I know to run this app is to right click and select "run" on the "login.jsp" page in the visual window that Jdeveloper gives me of my "struts-config.xml" page!

Sorry!

Did you get the points from the Java forum?

suprapto45Commented:
>>"Did you get the points from the Java forum?"
Yes, thank you very much.

Does JDeveloper provide any console like command prompt that prints all the process of the app server?

Anyway, does that always happen? Or does it always happen on the second attempt?

Regards
Dave
suprapto45Commented:
Hi,

I got to go for lunch now (I am in Singapore). Where are you from? I should be back to EE approximately 4 hours from now.

Just post your problem and I will try to check that and let you know ASAP.

Thanks for the points.

Regards
Dave
tadeu_lbcAuthor Commented:
It happens all the time!  Remember my first "action" code where I had the password set in there?!!  Well, the app is running as if it was still like that!  It is cheking on the password I think and I also think that some how it has that info some where, because there are other passwords store in my DB and even if I enter another right password I still get redirected to failure!  

* Do you suggest that I look within Jdeveloper to see if it has some cached info?  
* Or try to run the app via URL in another computer?
Or.......?

Sorry!

PS: Let me know if you are geting tired!  If so we can start debuging another day!  This app is due only this comming Monday, so there is a lil time left!

suprapto45Commented:
Hi,

>>"Or try to run the app via URL in another computer?"
Try this.

Can you post your latest LoginAction, struts-config.xml and some data in your DB?

I need to go now.

Regards
Dave
tadeu_lbcAuthor Commented:
Struts:
<?xml version = '1.0' encoding = 'windows-1252'?>
<!DOCTYPE struts-config PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 1.1//EN" "http://jakarta.apache.org/struts/dtds/struts-config_1_1.dtd">
<struts-config>
  <form-beans>
    <form-bean name="login" type="org.apache.struts.action.DynaActionForm">
      <form-property name="password" type="java.lang.String"/>
    </form-bean>
  </form-beans>
  <action-mappings>
    <action name="login" path="/login" type="loginapp.view.LoginAction">
      <forward name="success" path="/reg.jsp"/>
      <forward name="sign_error" path="/failure.jsp"/>
    </action>
  </action-mappings>
  <message-resources parameter="loginapp.view.ApplicationResources"/>
</struts-config>
==========================================================

LoginAction:

import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import javax.naming.InitialContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.DynaActionForm;public class LoginAction extends Action
{
  /**
   * This is the main action called from the Struts framework.
   * @param mapping The ActionMapping used to select this instance.
   * @param form The optional ActionForm bean for this request.
   * @param request The HTTP Request we are processing.
   * @param response The HTTP Response we are processing.
   * @throws javax.servlet.ServletException
   * @throws java.io.IOException
   * @return
   */
  public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
  {

String password = (String) ((DynaActionForm)form).get("password");
String username = (String) ((DynaActionForm)form).get("username");

System.out.println("Username = " + username);
System.out.println("Password = " + password);

Connection conn = null;
PreparedStatement pstmt = null;
ResultSet rs= null;

try
{
    InitialContext ic = new InitialContext();
    DataSource ds = (javax.sql.DataSource)ic.lookup("jdbc/toystore");  // Change this based on your datasource name

    conn = ds.getConnection();
    String sql = "select username, password from logon where username = ? and password = ?"; // Change this according your DB

    pstmt = conn.prepareStatement(sql);
    pstmt.setString(1, username);
    pstmt.setString(2, password);
   
    rs = pstmt.executeQuery();
 
    if(rs.next())
    {
        // Login success, put all the redirect here and everything
        return mapping.findForward("success");
    }
    else
    {
        // Login fail
        return mapping.findForward("sign_error");
    }
}
catch(Exception e)
{
    e.printStackTrace();
}
finally
{
    // Clean up codes here
}

return mapping.findForward("sign_error");
  }
 
}

=========================================

DB:

INSERT INTO SIGNON ( USERNAME, PASSWORD ) VALUES (
'j2ee', 'j2ee');
INSERT INTO SIGNON ( USERNAME, PASSWORD ) VALUES (
'hsouza', 'pine239');
INSERT INTO SIGNON ( USERNAME, PASSWORD ) VALUES (
'Johnny', 'test');
INSERT INTO SIGNON ( USERNAME, PASSWORD ) VALUES (
'Big_T', 'test');
INSERT INTO SIGNON ( USERNAME, PASSWORD ) VALUES (
'Souza', 'test');
commit;
 
Thanks!
suprapto45Commented:
Hi,

First thing, as you add the data into SIGNON table, does the SQL should look like
String sql = "select username, password from signon where username = ? and password = ?";
instead of
String sql = "select username, password from logon where username = ? and password = ?";

Your struts-config.xml must have the username properties too.

    <form-bean name="login" type="org.apache.struts.action.DynaActionForm">
      <form-property name="username" type="java.lang.String"/>
      <form-property name="password" type="java.lang.String"/>
    </form-bean>

Let me know if there is the same bugs.

What would happen if you try it from other PC?

Regards
Dave

tadeu_lbcAuthor Commented:
Hey Dave,

Nothing is working now! ):

I used “Effective File Search” and found the password in a .class file inside Jdeveloper!  After I removed the password from that file the app compiles and I am able to run it, but then when I try to enter the same password and hit submit, the browser just get me this errors:

PS: I think I messed up the .class file by trying to edit it manually (remove the password) with WordPad!  

500 Internal Server Error
java.lang.ClassFormatError: loginapp.view.LoginAction
      at java.lang.ClassLoader.defineClass0(Native Method)
      at java.lang.ClassLoader.defineClass(ClassLoader.java:537)
      at java.security.SecureClassLoader.defineClass(SecureClassLoader.java)
      at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)].util.OC4JSecureClassLoader.defineClassEntry(OC4JSecureClassLoader.java:172)
      at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)].naming.ContextClassLoader.defineClass(ContextClassLoader.java:1170)
      at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)].naming.ContextClassLoader.findClass(ContextClassLoader.java:406)
      at java.lang.ClassLoader.loadClass(ClassLoader.java:289)
      at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)].naming.ContextClassLoader.loadClass(ContextClassLoader.java)
      at java.lang.ClassLoader.loadClass(ClassLoader.java:235)
      at org.apache.struts.util.RequestUtils.applicationClass(RequestUtils.java:207)
      at org.apache.struts.util.RequestUtils.applicationInstance(RequestUtils.java:231)
      at org.apache.struts.action.RequestProcessor.processActionCreate(RequestProcessor.java:326)
      at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:268)
      at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1485)
      at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:527)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
      at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)].server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65)
      at oracle.security.jazn.oc4j.JAZNFilter.doFilter(Unknown Source)
      at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:649)
      at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:322)
      at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:790)
      at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)].server.http.HttpRequestHandler.run(HttpRequestHandler.java:270)
      at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)].server.http.HttpRequestHandler.run(HttpRequestHandler.java:112)
      at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)].util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:192)
      at java.lang.Thread.run(Thread.java:534)
 

Do you have any idea?

I really need to get this done!!!!

Sorry!


tadeu_lbcAuthor Commented:
Hi,

I can give you a FTP address for you to download a .zip file with my entire worspace so that you can see better what's going on!  What do you think?

Thanks,

Regards Huber!
tadeu_lbcAuthor Commented:
Hi,

Can I give you a FTP address for you to download a .zip file with my entire worspace so that you can see better what's going on!  What do you think?

Thanks,

Regards Huber!
suprapto45Commented:
Sorry for the delay...I was extremely busy yesterday.

Do not give your ftp here...people can misuse your ftp. Can you just send it to my email - davidayudhahalim at yahoo.com?

I hope people in London are okay.

Regards
Dave
tadeu_lbcAuthor Commented:
OK,

Thanks for you concern about the FTP. And don't worry about the delay :)

I have just sent you the e-mail!

PS:  This is what Jdeveloper 10g creates as a workspace!  I don't know if you have Jdev.  If you do I am sure you know how to open the app.  If not and you are willing to try, browse to de folder after you unzip the files and open the .jws file.  That will open the program for you!  If you don't want to try all the files are within sub-folder.......  Again I am sure you will be able to figure it out but if you need help finding the files just ask!

Thanks.

PS2: I wish every single one of this terrorists would get arrested permanently, can you imagine all the innocent people who have died from this types of attacks!
tadeu_lbcAuthor Commented:
Hey Dave,

I am not trying to rush you......  Just curios, Did you get my e-mail?  

tadeu_lbcAuthor Commented:
Hello Dave!!!

I am getting a little behind now as my dead line for this has already past!  I know you are very busy but seems to me that this authentication part of my application would be so simple yet I am having a hard time with it!  Please help!

Here is my struts-config.xml file:

<?xml version = '1.0' encoding = 'windows-1252'?>
<!DOCTYPE struts-config PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 1.1//EN" "http://jakarta.apache.org/struts/dtds/struts-config_1_1.dtd">
<struts-config>
  <form-beans>
    <form-bean name="login" type="org.apache.struts.action.DynaActionForm">
      <form-property name="username" type="java.lang.String"/>
      <form-property name="password" type="java.lang.String"/>    
    </form-bean>
  </form-beans>
  <action-mappings>
    <action name="login" path="/login" type="loginapp.view.LoginAction">
      <forward name="success" path="/welcome.jsp"/>
      <forward name="fail" path="/faliure.jsp"/>
    </action>
  </action-mappings>
  <message-resources parameter="loginapp.view.ApplicationResources"/>
</struts-config>

--------------------------------------------------------------------

So, after I run my app. the error that I am getting is:

>> No action instance for path /login could be created

Is it possible that my action.java is not properly written?  And also that my
struts-config.xml is no completed?  And I am not sure if I am calling the datasource right!
Sorry for being such a beginner!



Here is my loginAction.java:

import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import javax.naming.InitialContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.DynaActionForm;public class LoginAction extends Action
{
  /**
   * This is the main action called from the Struts framework.
   * @param mapping The ActionMapping used to select this instance.
   * @param form The optional ActionForm bean for this request.
   * @param request The HTTP Request we are processing.
   * @param response The HTTP Response we are processing.
   * @throws javax.servlet.ServletException
   * @throws java.io.IOException
   * @return
   */
  public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
  {

String password = (String) ((DynaActionForm)form).get("password");
String username = (String) ((DynaActionForm)form).get("username");

System.out.println("Username = " + username);
System.out.println("Password = " + password);

Connection conn = null;
PreparedStatement pstmt = null;
ResultSet rs= null;

try
{
    InitialContext ic = new InitialContext();
    //DataSource ds = (javax.sql.DataSource)ic.lookup("jdbc/toystore");  // Change this based on your datasource name
    //DataSource ds = (javax.sql.DataSource)ic.lookup("jdbc:oracle:thin:@134.139.136.48:1521:");  // Change this based on your datasource name
    DataSource ds = (javax.sql.DataSource)ic.lookup("java:comp/env/jdbc/toystore");

    conn = ds.getConnection();
    String sql = "select username, password from signon where username = ? and password = ?"; // Change this according your DB

    pstmt = conn.prepareStatement(sql);
    pstmt.setString(1, username);
    pstmt.setString(2, password);
   
    rs = pstmt.executeQuery();
 
    if(rs.next())
    {
        // Login success, put all the redirect here and everything
        return mapping.findForward("success");
    }
    else
    {
        // Login fail
        return mapping.findForward("fail");
    }
}
catch(Exception e)
{
    e.printStackTrace();
}
finally
{
    // Clean up codes here
}

return mapping.findForward("fail");
  }
 
}

---------------------------------------------------

Here is my login.jsp:

<%@ taglib uri="/WEB-INF/struts-html.tld" prefix="html"%>
<%@ page contentType="text/html;charset=windows-1252"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>untitled</title>
<link href="css/jdeveloper.css" rel="stylesheet" media="screen"/>
</head>
<body>
  <H2>
    <U>Welcome to the employee registration page</U>
  </H2>
  <P>&nbsp;</P>
  <P>&nbsp;</P>
  <H3>
    <U>Please log in!</U>
  </H3>
  <html:form action="/login.do">
    <table cellspacing="2" cellpadding="3" border="1" width="46%" height="50">
      <tr>
        <td>User Name:</td>
        <td>
          <input type="text" name="username"/>
        </td>
      </tr>
      <tr>
        <td> &nbsp;Password:</td>
        <td>
          <P>
            <input type="password" name="password"/>
          </P>
        </td>
      </tr>
      <tr>
        <td>
          <input type="submit" value="Submit" name="submit"/>
        </td>
        <td>&nbsp;</td>
      </tr>
    </table>
  </html:form>
</body>
</html>
--------------------------------------

Thanks in advance for any help!
tadeu_lbcAuthor Commented:
HELP!  

Please see the comment I posted above!  

>>Comment from tadeu_lbc
Date: 07/12/2005 03:21PM PDT
tadeu_lbcAuthor Commented:
Hello Dave!  Hope you are doing well!

As you can see, I made some progress....

Now I am little stuck again.  Here is what’s going on!

At the very end of the LoginAction.java file, the last 3 lines goes like this:

------------------------------------------------------------

return mapping.findForward("fail");
  }
 
}

-------------------------------------------------------------

I am under the impression that this is the only part being executed because no matter what information I enter in my form I am always redirected to “fail” and get presented with the failure.jsp page, if this part says “fail”!  And again no mater what information I enter in the form, if I change this part to say “success” it always redirect me to “success” and I get presented with the welcome.jsp page!  

Does that tell you anything?

Thanks again!  

 Regards Tadeu!  


Here is what my whole LoginAction.java looks like now:

import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import javax.naming.InitialContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.DynaActionForm;public class LoginAction extends Action
{

   /**
   * This is the main action called from the Struts framework.
   * @param mapping The ActionMapping used to select this instance.
   * @param form The optional ActionForm bean for this request.
   * @param request The HTTP Request we are processing.
   * @param response The HTTP Response we are processing.
   * @throws javax.servlet.ServletException
   * @throws java.io.IOException
   * @return
   */
  public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
  {
 
String username = (String) ((DynaActionForm)form).get("username");
String password = (String) ((DynaActionForm)form).get("password");

System.out.println("Username = " + username);
System.out.println("Password = " + password);

if ( password == null || username == null){
        return mapping.findForward("fail");
}


     
Connection conn = null;
PreparedStatement pstmt = null;
ResultSet rs= null;

try
{
    InitialContext ic = new InitialContext();
    //DataSource ds = (javax.sql.DataSource)ic.lookup("jdbc/toystore");  // Change this based on your datasource name
    //DataSource ds = (javax.sql.DataSource)ic.lookup("jdbc:oracle:thin:@134.139.136.48:1521:");  // Change this based on your datasource name
    DataSource ds = (javax.sql.DataSource)ic.lookup("java:comp/env/jdbc/toystore");

    conn = ds.getConnection();
    String sql = "select username, password from signon where username = ? and password = ?"; // Change this according your DB

    pstmt = conn.prepareStatement(sql);
    pstmt.setString(1, username);
    pstmt.setString(2, password);
   
    rs = pstmt.executeQuery();
 
    if(rs.next())
    {
        // Login success, put all the redirect here and everything
        return mapping.findForward("success");
    }
    else
    {
        // Login fail
        return mapping.findForward("fail");
    }
}
catch(Exception e)
{
    e.printStackTrace();
}
  finally
  {
    // Clean up codes here
  }

return mapping.findForward("fail");
  }
 
}
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
JSP

From novice to tech pro — start learning today.