Hi,
Tomcat has authentication via database built in which means you should be
able to accomplish everything without need to write any code.
Read http://jakarta.apache.org/tomcat/jakarta-tomcat/src/doc/JDBCRealm.howto
Look at server.xml for the examples of setting up a JDBCRealm with various
databases. Look in the web.xml in the examples/WEB-INF dir for an example of
setting up a login form and set of protected resources.
Note the (very good) model that tomcat uses is
1) Allow you to define a set of protected resources (html, servlets whatever)
2) when your user attempts to access one of those resources they get redirected
to your login form
3) Succesful login - they get sent to the original page they requested
4) Unsuccessful login - they get sent to your error page.
A common mistake in using JDBCRealm is to provide a link to your login form
rather than have it invoked automatically when they try to access a protected
resource. This won't work - on posting from the login page you'll get
a 404.
Let me know if you need any help with any of this
andrew
ps I'm surprised "boolean found = rs.next()" works if result set is empty.
I'd kind of expect a null pointer exception. I always do
if (rs != null && rs.next()) {
// assign something
}
if i'm expecting a single row.
>Does anyone know where I could find code for a login servlet using JDBC.
>I have a login tested, it checks the database and it outputs whether the
>username and password are correct to the jsp page, but I need to use a
>servlet for redirecting the user.
>Here is the code i have for the login procedure
>
>public void applyChanges() throws Exception
> {
> Statement statement = connection.createStatement();
> try{
> ResultSet rs = statement.executeQuery("SELECT * from Registration
>WHERE (Username ='"
> + theUsername
> + "' AND Password = '"
> + thePassword + "');");
>
> boolean found = rs.next();
> System.out.println(found);
> rs.close();
> statement.close();
>
> if(found == true)
> {
>
> System.out.println("THAT IS THE CORRECT USERNAME AN PASSWORD!!");
> //request.setAttribute ("servletName", "servletToJsp");
> rs.close();
> statement.close();
> //response.sendRedirect ("/login.jsp");
> }
> else
> {
> System.out.println("YOU ARE NOT IN OUR DB :-(");
> rs.close();
> statement.close();
> }
> }
> catch (Exception e)
> {
>
> }
>
> }
>}
>
>ANY help at all would be much appreciated. Thanks in advance, Mick
>_________________________________________________________________________
>Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
>
>
