From 6df322a7475686908bb7634fdfab85182f46d336 Mon Sep 17 00:00:00 2001 From: Stefan Suhren Date: Mon, 16 Nov 2015 10:29:28 +0100 Subject: Use jsp:useBean with the Account object --- WebContent/LoginSuccess.jsp | 3 ++- .../fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java | 10 ++++++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/WebContent/LoginSuccess.jsp b/WebContent/LoginSuccess.jsp index e144166..32255f0 100644 --- a/WebContent/LoginSuccess.jsp +++ b/WebContent/LoginSuccess.jsp @@ -1,5 +1,6 @@ <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> + @@ -7,7 +8,7 @@ Welcome -

Welcome <%= session.getAttribute("username") %>

Welcome

Retry \ No newline at end of file diff --git a/src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java b/src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java index e5611b8..498582b 100644 --- a/src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java +++ b/src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java @@ -64,9 +64,15 @@ public class LoginServletWithJpaAndJsp extends HttpServlet // This is very insecure and can be exploited via timing attacks if (account != null && account.isPasswordCorrect(requestPassword)) { - request.getSession().setAttribute("username", account.getUsername()); + request.getSession().setAttribute("user", account); - response.sendRedirect("LoginSuccess.jsp"); + // RequestDispatcher dispatcher = getServletContext() + // .getRequestDispatcher("/LoginSuccess.jsp"); + // + // dispatcher.forward(request, response); + + response + .sendRedirect(response.encodeRedirectURL("LoginSuccess.jsp")); } else { -- cgit v1.2.3-70-g09d2