dimpsonu arora

renu richard wrote:
Hi,

I am new bie to JSP/Servlets. I have seen most of the times that in order to make a database connection, servlet will call a java class which will have the code for making databasse connection..

Is this is the standard way of writing the code??.. I have this query because, if this is the case,, then each time a request comes to servlet each time this code runs to make a database connection. Is it not performance issue ??? Please share your thoughts on this...Thanks

Hi Richard,

You can try some frameworks like spring & struts which will help you db connections and mauplation better.

They make code writting/handling easy.

Jatin

Thanks Santosh,

But i did not get what you mean by posting userid thourgh http request?

I am simply asking the user to login using a simple jsp page which runs on http.
http://localhost:8080/myApp/login

Once the user logs in, my application hits databasse. If he is an authenticated user, his userid is set into the session using following code.
session.setAttribute("userId", userId);

Please explain what do you mean by posting userid thourgh http request?

Do you mean that it is a problem if I am storing userid somewhere in hidden field and then making use of it. Or userid is a part of my url like http://localhost:8080/myApp/abc.jsp?userId=abc.

Please correct, if I have not understood it correctly.

Hi All,
Following is my question:

A user logs into your application. Your application checks for the authentication from database.

User is a valid user. Now, Application sets the userId into session for session tracking.

session.setAttribute("userId",userId);

When the user does some database transaction, the application fetches the userId from session and inserts user values in database against that userId. For example:

String userId =(String) session.getAttribute(userId) ;

Dummy Database Table:
UserIdItemsPurchasedItemCode ItemDescription


If the authenticated user is a hacker, is it possible for him to change the userId in session while doing the transaction so that the transaction appears in somebody else name.

If this is possible, then how difficult it is and what are the security measures???

Thanks in Advance.

Hi,

I am working on a web application which has two types of users.

A. Users who are acting as Publisher and can upload documents. These users can be multiple. (Requires Login)
B. Users who are General users and will read the documents uploaded by Publishers after search publishers. (Don't require Login).

General Users shall first search a particular Publisher and then get the list of all the documents uploaded by that particular Publisher.

Now, To manage this thing, When the Publisher comes for the first time, I am creating a folder at run time with his unique Id and progmatically uploading all his documents to his folder.

This way, every publisher has its documents stored in its folder and I am providing link to the corresponding folder after the search result.

Now, I am doubtful that creating folder at runtime may not be safe or good practice. It might be operating system dependant or might have some sort of security threats. It is also possible that due to some restriction on production server, creation of folder at runtime is not allowed.

Can somebody suggest me if we can do something better and secure. What are the good practices Or can we make use of some open source for this scenario.

Thanks in advance for all the help.

Done! Thanks.

Hi,
I am using XMLBeans which is reading an xml file.
For example: Following are contents of xml file.

<Log4JPropertiesFilePath>C:/MyProj/config/log4j.properties</Log4JPropertiesFilePath>
<LogFilePath>C:/MyProj/logs/ICA_log.txt</LogFilePath>

The above kind of c:/MyProj locations are defind at many places in xml file.

Now, problem is that if the above location gets changed, I will have to make changes in the complete xml file which I don't want.

Is there any way where I can define my location "c:/MyProj" at a common place in XML Or outside XML from where XML can read it.

It is very urgent. Please help.

Thanks in advance.

Hi,

I am creating dynamic form objects like lists in my jsp page. The names of objects and number of objects are created at runtime. e.g. 2 list objects are created at runtime with names sam101 and sam102(created using javascript).

Now, objects can be as many as 100. Please suggest on how to implement map with form bean values using spring on these dynamically created form objects.

Hi,
I referred the followings.
Mock Tests:
1. Enthuware
2. Whizlab

Books:
1. Hanumanth Deshmukh.

Regards,

Hi Everybody,
I have cleared my SCJP(83%) and SCWCD(89%) exams.
Can i go for SCEA now OR I should go for UML and SCBCD first and then think about SCEA.

Also, Please let me know how to prepare for SCEA and what are the complete details. I have come to know that there are three levels in SCEA itself.

Please help me. Thanks in advance.

Passed SCWCD with 89%. I used enthuware kit.
[ March 11, 2007: Message edited by: dimpsonu arora ]

Change your script as follows:

document.forms[0].action = "/displayDepartment.do?methodToCall=searchWorkchecDepartment"document.forms[0].submit()

Earlier it was-> I have removed "."
document.forms[0].action = "./displayDepartment.do?

Hi,
Try following two things.
1. Use debugger to see if control is reaching to Action class. OR if you don't know the use of debugger then in your method of Action class print some statements like System.out.println....This will help you knowing if the control is reaching to your action class or not.
2.if it is reaching and returning success then the problem is with the forwarded JSP page. To check that, remove all the code from JSP and just print Testing.....

As per my understanding, there is some problem with your JSP.

Hi,
Yes I have done this and my customize validation is working fine. The only problem is that it is printing message on the screen. But I want it to be appeared as an alert as is the case of normal javascript.

Hi,
I am having a form with some text fields. I am using predefined as well as my custom validations on this form.
I need the client side java script validations. So, I am using...

<html-el:messages id="msg" message="true"><li><font color="red"><c ut value="${msg}"/></font></li></html-el:messages>
<html-el:errors />
<html-el:form action="ItemTypeCRUD" onsubmit="return validateItemTypeCRUDForm(this);">

<html-el:javascript formName="ItemTypeCRUDForm"/>

</html-el:form>

Now, The problem is that all the predefined validations like "required,mask" are displayed as an "Alert" as is the case in javascript(Which I want). But my custom validations are getting printed on
the screen.
What should i do to display my custom validations as an "Alert".

Thanks in Advance.

Hi,

I have come to know that IBM486 UML exam will be discontinued after 31 Dec 2006 OR June 2007. Is this the correct information. If yes, then, Is there any other certification available on UML and OODA?

Thanks in advance.