• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

User Auth Using Cookies

 
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I seem to have tied myself in circles posting (using POST) a users password from a JSP page to a servlet.
If the posted password matches what is listed in the servlet then the inbound ServletData(com.javaranch.common.ActionServlet) object is opened and the HttpServletResponse object is extracted, has a cookie added to it and then is used to form part of a new ServletData object passed to a newly created 'action' within the same servlet.
NOT using forward() or redirect(). The code should make this a bit clearer.

This new doAction() method should then check to see that the incoming ServletDataObject has the correct cookie for access, then write out a jsp page if so.

What I am finding is the first time I click 'submit' on the password page that it doesn't send me to the error page, but neither do I get sent to the new JSP. All it does is add the Jsession id to the URL, the second time I hit submit it is ok.

I found this post https://coderanch.com/t/362557/Servlets/java/cookie-questions

But am still not clear what is going on.

The login jsp is :-



In the servlet I have


Which leads to :-


Calling new ListVideos().doAction(newServlet). Usually called from inbound post requests from client. In this case called from servlet itself, is this acceptable?

So first time I submit the login JSP

Orion server log outputs
127.0.0.1 - - [01/Apr/2008:19:41:23 +0000] "POST /videos2/servlet/VideoServlet;jsessionid=PEEEHHKHLHJB HTTP/1.1" 200 502

second time

127.0.0.1 - - [01/Apr/2008:19:42:20 +0000] "POST /videos2/servlet/VideoServlet HTTP/1.1" 200 694

Checking in firefox and opera I can see the correct cookie has been created and it allows me to do other things without logging back in,

I have the sinking feeling I have missed the point.
It was supposed to be an exercise in MVC Model 2.

but never mind.

cheers

Nick

[ April 01, 2008: Message edited by: Nick Fernandez ]
[ April 02, 2008: Message edited by: Marilyn de Queiroz ]
 
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Nick,
Assuming you having givena correct password ,dont you think this would lead to an infinite loop.


sudhakar.D
 
Nick Fernandez
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
My apologies. The code for new ListVideos().doAction(newServlet) is not shown.
I guess you thought I was sending VideoLogin back to itself. This is not the case.

I was trying to avoid it, but the complete code is posted below.
Usually the relevant 'action' is called using POST from a JSP page.

But by using new ListVideos().doAction I am calling an action directly\building an instance of private class ListVideos, calling its doAction method and passing it a ServletData object, all from within private class VideoLogin within the servlet. Is this acceptable?

thanks

Nick


[ April 02, 2008: Message edited by: Marilyn de Queiroz ]
 
Sheriff
Posts: 9109
12
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Nick Fernandez:
I seem to have tied myself in circles posting (using POST) a users password from a JSP page to a servlet.
If the posted password matches what is listed in the servlet then the inbound ServletData(com.javaranch.common.ActionServlet) object is opened and the HttpServletResponse object is extracted, has a cookie added to it and then is used to form part of a new ServletData object passed to a newly created 'action' within the same servlet.
NOT using forward() or redirect(). The code should make this a bit clearer.

Calling new ListVideos().doAction(newServlet). Usually called from inbound post requests from client. In this case called from servlet itself, is this acceptable?

I have the sinking feeling I have missed the point.
It was supposed to be an exercise in MVC Model 2.


Let me begin by saying that you are welcome to post in the Cattle Drive forum since you are working on a Cattle Drive assignment (and welcome to JavaRanch, by the way). I felt that I had to remove your code because if you post great code for these assignments, you will be robbing others of an education, and Google is everyone's friend. Pseudocode is more than welcome.

I think I can respond to your questions without the code, however. The idea is that you use the videologin.jsp to log in (obviously), which sends you to the servlet, which by default sends you to listvideos.jsp which sends you to the servlet when you click on the "add a new video" button which sends you to the addvideo.jsp which sends you to the servlet which sends you to the listvideos.jsp.

You should not be going from servlet to servlet nor from jsp to jsp. Does that help?
 
Nick Fernandez
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hmm,

Food for thought.

thanks Marilyn!

cheers

Nick.
 
reply
    Bookmark Topic Watch Topic
  • New Topic