From 6df322a7475686908bb7634fdfab85182f46d336 Mon Sep 17 00:00:00 2001
From: Stefan Suhren <suhren.stefan@fh-swf.de>
Date: Mon, 16 Nov 2015 10:29:28 +0100
Subject: Use jsp:useBean with the Account object

---
 .../fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java   | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'src/de')

diff --git a/src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java b/src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java
index e5611b8..498582b 100644
--- a/src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java
+++ b/src/de/fhswf/in/inf/fit/aufgabe6/LoginServletWithJpaAndJsp.java
@@ -64,9 +64,15 @@ public class LoginServletWithJpaAndJsp extends HttpServlet
       // This is very insecure and can be exploited via timing attacks
       if (account != null && account.isPasswordCorrect(requestPassword))
       {
-         request.getSession().setAttribute("username", account.getUsername());
+         request.getSession().setAttribute("user", account);
 
-         response.sendRedirect("LoginSuccess.jsp");
+         // RequestDispatcher dispatcher = getServletContext()
+         // .getRequestDispatcher("/LoginSuccess.jsp");
+         //
+         // dispatcher.forward(request, response);
+
+         response
+               .sendRedirect(response.encodeRedirectURL("LoginSuccess.jsp"));
       }
       else
       {
-- 
cgit v1.2.3-70-g09d2