CODEWITHSUNDEEP
servletsauthentication
danksim
danksim

Reputation: 627

How to isolate authentication and user registration in Java/JSP

In RegServlet class, I have a doGet() method that overrides the doStuff() method. doStuff() method takes the user input from an HTML registration form, then connects to the DB, then stores the user input into the DB.

Here is the doStuff() method in my RegServlet class:

public void doStuff(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, InstantiationException, IllegalAccessException, SQLException {
    String userName = request.getParameter("userName");
    ...
    String email = request.getParameter("email");

    if(!userName.isEmpty()&&!passWord.isEmpty()) {
        request.setAttribute("userName", userName);
        ...
        request.setAttribute("email", email);

        //connect to DB
        toDB.createConnection();

        //insert information to DB
        toDB.insertNewUser(userName, passWord, lastName, firstName, age, sex, email);
        RequestDispatcher view = request.getRequestDispatcher("login.jsp");
        view.forward(request, response);            
    } else {
        RequestDispatcher view = request.getRequestDispatcher("index.jsp");
        view.forward(request, response);
    }

If the register button is clicked after everything has been entered correctly, it leads me to a login.jsp page. I am now trying to code the log-in mechanism in order for a user (who possesses username & password stored in the DB) to log in and search and add/drop courses.

I am having a hard time because I am not sure how I should go about this.

How can I isolate user registration and authentication? Should I make another class for session management or just another method in this RegServlet class?

Upvotes: 1

Views: 370

Answers (1)

Michael
Michael

Reputation: 10319

Implement your own HTTPServletFilter that check if a user is authenticated:

public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException {
    if ("a user is authenticated") {
        filterChain.doFilter(req, res);
    } else {
        // authenticate a user
    }
}

The link show the basic of HTTPServletFilter: http://www.oracle.com/technetwork/java/filters-137243.html#70176

Upvotes: 1

Related Questions