Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Java > servlet/jsp question: tomcat 4 and login (about session, forward and get/set attribute)

Reply
Thread Tools

servlet/jsp question: tomcat 4 and login (about session, forward and get/set attribute)

 
 
Mladen Adamovic
Guest
Posts: n/a
 
      11-15-2003
In mysql I have table members(mem_id,mem_password,...).
I want to make login to my web application (jsp/servlet/html) using
information from table members.
1. Is there good prepared login solution which is easily to use with tomcat
4/ant? (I could change to EE if its neccessery)
2. I tried to write some login code, but I have problems.
First, let me explain what I'm trying to do: in Authorize.java i set two
attributes of its ServletContext then forward using RequestDisplather to the
Home.jsp, in Home.jsp I read those attributes - and they are null.

Some code follows:
//SOME CODE FROM Authorize.JAVA servlet:
...
ServletContext sc=getServletContext();
sc.setAttribute("mem_id",id);
sc.setAttribute("mem_passwd",pass);
System.err.println("In Authorize.JAVA User connected: "+id);
...
RequestDispatcher dispatcher =
req.getRequestDispatcher("/Home.jsp");
if (dispatcher != null)
dispatcher.forward(req, res);
...
//END OF Authorize.java

//SOME CODE FROM Home.jsp
String mem_id=(String) session.getAttribute("mem_id");
String mem_pass=(String) session.getAttribute("mem_passwd");
if(mem_id==null || mem_pass==null)
{
//user is not connected, ask for id and pass
System.err.print("in Home.jsp user is not connected - ");
System.err.println("mem_id: "+mem_id+" mem_passwd :"+mem_pass);
...
//END OF Home.jsp

On the console I got the following :
In Authorize.JAVA User connected: root
in Home.jsp user is not connected - mem_id: null mem_passwd :null

Where I'm wrong?

Thanks in advance.



 
Reply With Quote
 
 
 
 
Andreas Wollschlaeger
Guest
Posts: n/a
 
      11-15-2003
Mladen Adamovic wrote:
> In mysql I have table members(mem_id,mem_password,...).
> I want to make login to my web application (jsp/servlet/html) using
> information from table members.
> 1. Is there good prepared login solution which is easily to use with tomcat
> 4/ant? (I could change to EE if its neccessery)
> 2. I tried to write some login code, but I have problems.
> First, let me explain what I'm trying to do: in Authorize.java i set two
> attributes of its ServletContext then forward using RequestDisplather to the
> Home.jsp, in Home.jsp I read those attributes - and they are null.


The thing you want is perhaps "JDBCRealm" - basically, its a ready made
login framework for JSPs, and pretty easy to use. Have a look at
jakarta.apache.org, they have a goot tutorial for this one.


> Some code follows:
> //SOME CODE FROM Authorize.JAVA servlet:
> ...
> ServletContext sc=getServletContext();
> sc.setAttribute("mem_id",id);
> sc.setAttribute("mem_passwd",pass);
> System.err.println("In Authorize.JAVA User connected: "+id);
> ...
> RequestDispatcher dispatcher =
> req.getRequestDispatcher("/Home.jsp");
> if (dispatcher != null)
> dispatcher.forward(req, res);
> ...
> //END OF Authorize.java
>
> //SOME CODE FROM Home.jsp
> String mem_id=(String) session.getAttribute("mem_id");
> String mem_pass=(String) session.getAttribute("mem_passwd");
> if(mem_id==null || mem_pass==null)
> {
> //user is not connected, ask for id and pass
> System.err.print("in Home.jsp user is not connected - ");
> System.err.println("mem_id: "+mem_id+" mem_passwd :"+mem_pass);
> ...
> //END OF Home.jsp
>
> On the console I got the following :
> In Authorize.JAVA User connected: root
> in Home.jsp user is not connected - mem_id: null mem_passwd :null
>
> Where I'm wrong?
>
> Thanks in advance.


Quick guess: I am not sure in which context
ServletContext.setAttribute() puts its entries - perhaps "application"
scope. You want to obtain the HttpSession from the HttpServletRequest
and put your attributes into the session scope, should do the trick...

HTH
Andreas

 
Reply With Quote
 
 
 
 
Sudsy
Guest
Posts: n/a
 
      11-16-2003
Andreas Wollschlaeger wrote:

> Mladen Adamovic wrote:

<snip>
> The thing you want is perhaps "JDBCRealm" - basically, its a ready made
> login framework for JSPs, and pretty easy to use. Have a look at
> jakarta.apache.org, they have a goot tutorial for this one.



They might now support DIGEST authentication but the version of Tomcat
I'm using only supports BASIC, which means user credentials are sent
"in the clear". Not secure!

<snip>

> Quick guess: I am not sure in which context
> ServletContext.setAttribute() puts its entries - perhaps "application"
> scope. You want to obtain the HttpSession from the HttpServletRequest
> and put your attributes into the session scope, should do the trick...
>
> HTH
> Andreas
>


Correct...Authorize.java, since it's a servlet, should be invoking
getSession on the HttpServletRequest parameter and then invoking
setAttribute on the returned object, i.e.

public void doPost( HttpServletRequest req, HttpServletResponse
resp ) {
...
HttpSession sess = req.getSession()
sess.setAttribute( "mem_id", id );
sess.setAttribute( "mem_passwd", pass );

Note that it's orthogonal to the access in the JSP.

 
Reply With Quote
 
Mladen Adamovic
Guest
Posts: n/a
 
      11-16-2003
Now it works. With getSession() instead of getServletContext().
Thanks to all people who tried(and succed) to help me.

"Sudsy" <(E-Mail Removed)> wrote :
> > Quick guess: I am not sure in which context
> > ServletContext.setAttribute() puts its entries - perhaps "application"
> > scope. You want to obtain the HttpSession from the HttpServletRequest
> > and put your attributes into the session scope, should do the trick...
> >
> > HTH
> > Andreas
> >

>
> Correct...Authorize.java, since it's a servlet, should be invoking
> getSession on the HttpServletRequest parameter and then invoking
> setAttribute on the returned object,




 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Login and Forward to an External site using Struts dhanunjay Java 3 04-20-2009 08:20 AM
Can't forward requests from Apache to Tomcat: error 403 Forbidden Oleg Konovalov Java 1 04-16-2005 04:50 PM
Tomcat 4.1 container authentication on jsp:forward Pavel Java 0 08-12-2004 02:49 PM
Re-forward declaration of types which were already forward declared qazmlp C++ 1 02-15-2004 07:00 PM
Tomcat port forward soraya soch Java 0 10-27-2003 05:45 PM



Advertisments