Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Getting values from mySQL table using JDBC

 
induz sat
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am trying to authenticate user log in

My Db has a table named UserInfo with 3 columns :- serail [ PK and AutoI], userName and UserPW

when I run this I get "HTTP Status 404 "

what is wrong and how to fix it.
'


 
K. Tsang
Bartender
Posts: 3583
16
Android Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I see 2 issues. First the select statement. How can you get data without a WHERE clause? Second issue, the checking of user name and password: you are using "==" which should have been equals(). The "==" check whether the object is the same in memory rather than the content. You want to check the content here.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65335
97
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
A 404 has nothing to do with JDBC. It means the web resources was not found.
 
chris webster
Bartender
Posts: 2407
33
Linux Oracle Postgres Database Python Scala
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Leaving aside's Bear's point about a 404 error being nothing to do with the JDBC stuff, you also need to think about what you are doing in your query. You appear to be checking to see if a particular user exists with a specified password in your user table. But you should not simply fetch all the records and check each one. That approach is inefficient and insecure as it means you have to fetch every user - and their stored password - across your network into your Java server and check if it matches the specified user. Instead you should simply ask the database to do this check for you, with a query like:



You would need to adapt this for your database and data model, but this approach means you only send one password across the network, and you never fetch any passwords out of the database at all. It also means you only need to return one value - the user ID - from the database for one row i.e. the record that matches your user. If no record is found, then you know the username/password do not exist in the database table

And if you're going to use a database, learn some SQL.
 
induz sat
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for describing about fetching all record vs what is required from the Db.

I have added the suggestions to the servlet and its working now with ResultSet.


Please helpe me to figure out what framework to use for making a simple social networking project.

So far I can get connected using simple JDBC to add a user and authenticate the credential using user's password and ID in a mySQL table.

Should I use Hibernate or just JDBC.









 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic