user validation

i hv just started with my lessons in jsp n also doin my final yr project in jsp.i m doin the login page & m stuck with a problem in validating the user.the code i hv written below doesnt redirect to the login page if username & password is invalid but it does redirect only if the username is valid and password invalid.i want know wer i am going wrong in this:

import java.io.*;
import java.util.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class Login2 extends HttpServlet{

private ServletConfig config;

public void init(ServletConfig config)
    throws ServletException{
     this.config=config;
     }
  public void doPost(HttpServletRequest request, HttpServletResponse response) 
              throws ServletException,IOException{
    String userlog = request.getParameter("textfield"); 
    String passlog = request.getParameter("textfield2"); 
    response.setContentType("text/html");
    PrintWriter out = response.getWriter();
    String connectionURL = "jdbc:postgresql:rohan";
    Connection connection=null;
    PreparedStatement ps=null;
    ResultSet rs=null;

try {

Class.forName("org.postgresql.Driver");
}catch(ClassNotFoundException cnfe){
cnfe.printStackTrace();
}
try{
connection = DriverManager.getConnection(connectionURL, "postgres", "postgres");
String sql = "select * from pass where username = ?";
  ps = connection.prepareStatement(sql);
ps.setString(1,userlog);
 rs =  ps.executeQuery();
String dbuser=null;
String dbpass=null; 
while (rs.next()){

dbuser = rs.getString(1);
out.println(dbuser); 
dbpass = rs.getString(2);
out.println(dbpass);
        }
if(dbuser.equals(userlog) &amp;&amp; dbpass.equals(passlog))
{
response.sendRedirect("http://localhost:8080/LoginAuthentication/servlets/xx.jsp");

}else
response.sendRedirect("http://localhost:8080/LoginAuthentication/servlets/log2.jsp");

 }catch(Exception e){
    out.println(e);
    out.println("Invalid");         
  }
finally{
try{
if(rs!=null)        
rs.close(); 
if(ps!=null)
ps.close(); 
if(connection!=null)        
connection.close();
}catch(SQLException se){
se.printStackTrace();
}
}
/* if(userName.equals(request.getParameter("user")) 
             &amp;&amp; passwrd.equals(request.getParameter("pass"))){
        out.println("WELCOME "+userName);
      }
      else{
        out.println("Please enter correct username and password");
        out.println("<a href='/LoginAuthentication/servlets/log.jsp'><br>Login again</a>");
session.setAttribute("UserName", request.getParameter("UserName"));
out.println("Welcome " + session.getAttribute( "UserName" ));
if (session.getAttribute("UserName").equals(""))
{
out.println("&lt;a href="login.jsp"&gt;&lt;b&gt;Login &lt;/b&gt;&lt;/a&gt;");
}
else{
out.println("&lt;a href="logout.jsp"&gt;&lt;b&gt;Logout&lt;/b&gt;&lt;/a&gt;");
}*/
  }

 }

View Answers

January 5, 2011 at 10:53 AM

Hi Friend,

Try the following code:

1)login.jsp:

<html>
<script>
function validate(){
var username=document.form.user.value;
var password=document.form.pass.value;
if(username==""){
  alert("Enter Username!");
  return false;
}
if(password==""){
  alert("Enter Password!");
  return false;
}
return true;
}
</script>
<form name="form" method="post" action="../Login1" onsubmit="javascript:return validate();">
<table>
<tr><td>Username:</td><td><input type="text" name="user"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass"></td></tr>
<tr><td></td><td><input type="submit" value="Submit"></td></tr>
</table>
</form>
</html>

2)Login1.java:

import java.io.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class Login1 extends javax.servlet.http.HttpServlet implements javax.servlet.Servlet { static final long serialVersionUID = 1L;

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    try{
        response.setContentType("text/html");
        PrintWriter out=response.getWriter();
        String user=request.getParameter("user");
        String pass=request.getParameter("pass") ;
        Class.forName("com.mysql.jdbc.Driver");
           Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/test", "root", "root");
         Statement st=con.createStatement();
           ResultSet rs=st.executeQuery("select * from login where username='"+user+"' and password='"+pass+"'");
          int count=0;
          while(rs.next())
          {

                   count++;
          }

                    if(count>0)
          {
            out.println("welcome "+user);
          }
          else
          {
                       response.sendRedirect("./jsp/login.jsp");
          }
    }catch (Exception e) {
    e.printStackTrace();
    }
}
}

Thanks