I am having a html page, which takes in the username and password and takes it to the servlet for authenticating. If authenticated, it gets a link to go to another html page, which accepts input for placing a order, this inputs are finally passed to a servlet, which makes the data persistent by storing it in the database,
By far, i can make a html page for username and password and a servlet for authenticating. even the link for going to another html page, which accepts the input of the order details also works, after that, the servlet does not work.
Using Glasfish Server and netbeans for development.
check Servlet Filter : they are invoked before/after a servlet, and are used to handle authentication, caching, etc
Related
I have Two Textboxes username and Password Which are currently present in JSP and Now I want to convert it into AngularJS SPA Program.
The Login form or the Index page Consists of Username, Password, In-Time, out-Time and Reset.
The Form calls the Java program to store this values or verify the credentials.
I am stuck how to use routing in this existing application. Any Help would be Appreciated!
It would help if you could expand on your question.
However I am taking few assumptions
1. You have an existing JSP application which you want to convert to Angular SPA
2. Your JSP application has a login page which has two textboxes namely UserId & Password and some additional controls.
You are looking at way of how do you still do your authentication with similar setup in Angular SPA, where in your earlier case it was simple Form Post and redirection on successful login.
The simple answer to your question would be create a in memory form(html) using jquery or javascript and do a post action which would return the form body on successful login. Assuming you get a token, store it on client side and authenticate the same on every subsequent request.
However this approach will not help you understand either SPA or Angular.
Here is my advise : First Understand SPA and the respective life cycle of SPA(Angular in particular). This will help you in devising a proper plan to migrate your current JSP application to Angular.
https://www.codeschool.com/beginners-guide-to-web-development/single-page-applications
I will be happy to help if you need any further guidance.
I am developing an application in which i am using angularjs at client side and java,spring at server side,all communication is in the form of JSON.
The problem i am getting is about security.
I have multiple roles, user can have and based on these roles,tabs on UI are visible or not.
If i use JSP then it is easy to use taglib for this problem because jsp is compiled at server and returned html will not have html section for hidden tabs and there is no way by which end-user can see these tabs or their URL part.
But how to solve this problem in angular based application because whatever code i write in angular file,user can change it by firebug etc. and can see the tabs and their URLs.
example : i have following in my html :
Users
I want to hide this thing completely if user is not having required role.
One solution can be writing some directive but user can edit the script of this directive and can see this thing in html.
You need to do 2 things :
Implements an angular Service, giving your client side the authorization (obtained by REST)
Then, on the server side :
you need to protect ALL RESOURCES (html, angular controllers, angular services, rest resources) depending on the user's rights.
May you can protect only Rest Resources if Client side's ones are not critical (I don't mind if my user get my html).
This way, the user won't see the tabs he is not supposed to, but more important, he can't bypass your security in order to show it.
By protecting HTML, I mean that for the tab XX I use ng-include="'tabXX.html'", and I protect this html with Spring Security the same way I protect RestResources.
The idea is that you can add something to a database, which goes from browser -> java code -> JSP -> java code -> database, and you are then redirected to a page containing the information you sent. The servlets are in place but I cannot redirect to the HTML page from a get request.
I have a servlet to PrintWriter().print() the data in a Json object, but that servlet is called from the javascrit within the HTML page. How can I send the HTML page? Should I parse the HTML page and PrintWriter().print() each line? Is there a more proper way of doing this?
Keep in mind that sending HTML straight from JSP is not an option, and I can't change the structure of the system.
edit: Sorry, I typed that in a rush.
As a preface, the system is similar to StackOverflow, whereby you can submit a 'request' which prompts the community to crowd-source learning material.
Right now, the structure of the system is JS/HTML on the browser side, which communicates with a mySQL DB through an API written in Java. The API goes through JSP which communicates with an inner Java API for accessing the DB. The catch is that I must return Json objects from the API. I know that JSP is essentially useless and I could interface the two APIs without JSP, but this is a first year college project so I don't have the choice.
When you submit something to the database using the url /addrequest (or similar), the system puts the text into the database and then redirects you to /request/idnumber. When you access the /request/* URL, another servlet runs. I want this servlet to tell the browser to open my "request_display.html" page. Then the javascript on that page will call another url to get the Json object through the API, and then it will build the page.
I don't know how to tell the browser to open a html page. Should I just parse the html file and then use response.GetWriter().print() to do send the HTML?
If you are in a Servlet:
response.sendRedirect("pathOf YourHTMLPage");
If you are in a JSP page, try using a form or a "a" element. Like this:
<form action="nameOfYourServlet"></form>
or
Can't really understand what you are looking for but if you want to redirect user to an html page using servlet this can be done using response.sendRedirect("path to html");
It would be nice if you could explain via some code as your English is hard to understand.
response.sendRedirect("redirect.html");
Alternative way
ServletContext sc = getServletContext();
sc.getRequestDispatcher("/redirect.html").forward(request, response);
I am new to servlets, and would like to follow the Model2 paradigm by keeping all my "code" in servlets, and html/beans in jsp pages. But, is there a way to run a servlet when I access a jsp page without using a form submission. For example, I have a login page. If the user logs in and then somehow goes back to the login page I want to check for the existance of their session and automatically move them on to their welcome page. This is one real world example, but it seems it would come in handy to run code without having to submit a form for a multitude of reasons.
you dont have to submit a form to invoke a servlet. All you have to do is have the browser hit the url that is mapped to the servlet. That could happen when submitting a form, clicking a link, invoking an xhr, using curl or wget from the command line, etc.
Also, keeping all code in servlets is not good design. Your servlets should handle incoming requests, invoke business logic implemented in separate classes (for good modularity and testing purposes), and return the appropriate response.
If I recall correctly, in Model2, the user never navigates to (JSP) pages - only controllers (servlets). Trying to access a lower layer of code (a servlet) direcltly from a view (the page) is a violation of MVC/Model2.
I have an application running under WebLogic that is using standard forms authentication. The login page is a JSP that presents the login form that will post to j_security_check. So as you would expect, when a user tries to access a page but is not yet authenticated, they will be redirected to the login.jsp.
My question is, how can I determine the page that the user was attempting to hit before WebLogic redirected them to the login page? I wish to use this to change the content of the login page depending on the user's destination. I'm not seeing anything in the request ojbect that would tell me this.
Thanks for any hints!
You can use:
weblogic.servlet.security.ServletAuthentication.getTargetURLForFormAuthentication(request.getSession())
This is a public static method and returns a String.
I've tested and it works for me.
We concluded there was no way to find out the target URL from the login page. I woudln't mind being proven wrong. :)
In the meantime, the solution was to deploy the content in second WAR with it's own login page providing the alternate content. Lots of overhead for what should be a simple problem to solve.