Issue
I am trying to implement this code to process the user login but does not work.
It skips the if statement in the code which means that something is wrong in the user validation or selection. It just goes to the error page after pressing the submit button.
Here is the code I am using below
CustomerController:
HttpSession session = request.getSession();
String userName = request.getParameter("userName");
String password = request.getParameter("password");
String firstname = request.getParameter("firstname");
User.getTransaction().begin();
Query query = User.createQuery("select p from Customer where p.userName=:uName");
query.setParameter("uName", userName);
@SuppressWarnings("unchecked")
List<Customer> Result = query.getResultList();
User.close();
if(Result.size()>0)
if(Result.get(0).getPassword().equals(password))
{
Customer pass=Result.get(0);
session.setAttribute("Id", pass.getId());
String message="Welcome " + firstname;
return new ModelAndView("userpage","pass",pass);
}
return new ModelAndView("error","message","Wrong credentials");
}
login jsp file:
<form action="signin" method="post">
<table align="center">
<tr>
<td>
<label>User Name</label>
</td>
<td>
<input type="text" name="UserName" />
</td>
</tr>
<tr>
<td>
<label >Password</label>
</td>
<td>
<input type="text" name="password" />
</td>
</tr>
<tr>
<td></td>
<td>
<button id="login" type="submit" name="login" style="width:100%;border-
radius:10px;text-shadow:2px 2px 3px
rgba(150,150,150,0.75);font-family:time">Login</button>
</td>
</tr>
<tr>
<td><a href="register">Don't have an account? Sign Up?</a>
</td>
</tr>
</table>
</form>
Solution
- first of all, respect the cases in
request.getParameter("UserName");
same as in name of input tag<input type="text" name="UserName" />
String firstname = request.getParameter("firstname");
this line will try to extract the parameterfirstname
from youPOST
request, in other words it extracts it from your login form which only contains two fields for login and password. so you just have to delete this line of code.- no need to use this
User.getTransaction().begin();
in getting data from database - your query is wrong
try this code:
HttpSession session = request.getSession();
/*get username and password from the login form*/
String userName = request.getParameter("UserName");
String password = request.getParameter("password");
/*query to search customer having the username and password inserted in the login form*/
Query query = User.createQuery("select p from Customer p where p.userName = :uName and p.password = :uPassword");
query.setParameter("uName", userName);
query.setParameter("uPassword", password);
/*getting the result*/
Customer pass = (Customer) query.getSingleResult();
User.close();
/*if not null, means we have found the user (correct username and password), else login failed)*/
if(pass!=null){
session.setAttribute("Id", pass.getId());
String message="Welcome " + pass.getFirstname();
}
else{
String message="Authentication Error";
}
return new ModelAndView("userpage","pass",pass);
Answered By - Bashir
Answer Checked By - Katrina (JavaFixing Volunteer)