diff options
Diffstat (limited to 'src/de/fhswf/in/inf/fit/aufgabe6')
| -rw-r--r-- | src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java b/src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java index e5611b8..498582b 100644 --- a/src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java +++ b/src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java @@ -64,9 +64,15 @@ public class LoginServletWithJpaAndJsp extends HttpServlet // This is very insecure and can be exploited via timing attacks if (account != null && account.isPasswordCorrect(requestPassword)) { - request.getSession().setAttribute("username", account.getUsername()); + request.getSession().setAttribute("user", account); - response.sendRedirect("LoginSuccess.jsp"); + // RequestDispatcher dispatcher = getServletContext() + // .getRequestDispatcher("/LoginSuccess.jsp"); + // + // dispatcher.forward(request, response); + + response + .sendRedirect(response.encodeRedirectURL("LoginSuccess.jsp")); } else { |