Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <body>
- <form action='/webapp/secret' method='post'>
- username: <input type='text' name ='username'><br>
- password: <input type='password' name ='password'><br>
- <input type='submit', value='login'>
- </form>
- </body>
- </html>
- @WebFilter(filterName = "AuthFilter",urlPatterns = "/secret")
- public class AuthFilter implements Filter {
- @Override
- public void init(FilterConfig filterConfig) throws ServletException {}
- @Override
- public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
- String username = req.getParameter("username");
- String password = req.getParameter("password");
- if(username == null || password == null){
- PrintWriter out = resp.getWriter();
- out.println("access denied");
- req.getRequestDispatcher("/basic/login.jsp").include(req,resp);
- out.println("Access to this page is restricted to authorised people only.");
- return;
- }
- Credentials creds = new Credentials(username,password, false);
- if(validate(creds)){
- req.setAttribute(AuthConstants.ATTR_ACTIVE_USER,creds);
- chain.doFilter(req,resp);
- } else{
- PrintWriter out = resp.getWriter();
- out.println("<font color='red'><b>username or pasword is incorrect</b></font>");
- req.getRequestDispatcher("/basic/login.jsp").include(req,resp);
- out.println("Please try again.");
- }
- }
- ...
- }
- out.println("access denied");
- out.println("<font color='red'><b>username or pasword is incorrect</b></font>");
Add Comment
Please, Sign In to add comment