/* * To change this license header, choose License Headers in Project Properti

1. /*
2. * To change this license header, choose License Headers in Project Properties.
3. * To change this template file, choose Tools | Templates
4. * and open the template in the editor.
5. */
6. package java.SDEV425_HW4;
7.  
8. import org.apache.derby.jdbc.ClientDataSource;
9.  
10. import javax.servlet.RequestDispatcher;
11. import javax.servlet.ServletException;
12. import javax.servlet.http.HttpServlet;
13. import javax.servlet.http.HttpServletRequest;
14. import javax.servlet.http.HttpServletResponse;
15. import javax.servlet.http.HttpSession;
16. import java.io.IOException;
17. import java.io.PrintWriter;
18. import java.sql.Connection;
19. import java.sql.PreparedStatement;
20. import java.sql.ResultSet;
21. import java.sql.Statement;
22.  
23.  
24. public class Authenticate extends HttpServlet {
25.  
26. // variables
27. private String username;
28. private String pword;
29. private Boolean isValid;
30. private int user_id;
31. private HttpSession session;
32.  
33. /**
34. * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
35. * methods.
36. *
37. * @param request servlet request
38. * @param response servlet response
39. * @throws IOException if an I/O error occurs
40. */
41. protected void processRequest(HttpServletRequest request, HttpServletResponse response)
42. throws IOException {
43. response.setContentType( "text/html;charset=UTF-8" );
44. try (PrintWriter out = response.getWriter()) {
45. /* TODO output your page here. You may use following sample code. */
46. out.println( "<!DOCTYPE html>" );
47. out.println( "<html>" );
48. out.println( "<head>" );
49. out.println( "<title>Servlet Authenticate</title>" );
50. out.println( "</head>" );
51. out.println( "<body>" );
52. out.println( "<h1>Servlet Authenticate at " + request.getContextPath() + "</h1>" );
53. out.println( "<h1>Results are " + username + "," + isValid + "</h1>" );
54. out.println( "</body>" );
55. out.println( "</html>" );
56. }
57. }
58.  
59. // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
60.  
61. /**
62. * Handles the HTTP <code>GET</code> method.
63. *
64. * @param request servlet request
65. * @param response servlet response
66. * @throws ServletException if a servlet-specific error occurs
67. * @throws IOException if an I/O error occurs
68. */
69. @Override
70. protected void doGet(HttpServletRequest request, HttpServletResponse response)
71. throws ServletException, IOException {
72. processRequest( request, response );
73. }
74.  
75. /**
76. * Handles the HTTP <code>POST</code> method.
77. *
78. * @param request servlet request
79. * @param response servlet response
80. * @throws ServletException if a servlet-specific error occurs
81. * @throws IOException if an I/O error occurs
82. */
83. @Override
84. protected void doPost(HttpServletRequest request, HttpServletResponse response)
85. throws ServletException, IOException {
86.  
87. // Get the post input
88. this.username = request.getParameter( "emailAddress" );
89. this.pword = request.getParameter( "pfield" );
90. try {
91. this.isValid = validate( this.username, this.pword );
92. } catch (Exception e) {
93. e.printStackTrace();
94. }
95. response.setContentType( "text/html;charset=UTF-8" );
96. // Set the session variable
97. if (isValid) {
98. // Create a session object if it is already not created.
99. session = request.getSession( true );
100. session.setAttribute( "UMUCUserEmail", username );
101. session.setAttribute( "UMUCUserID", user_id );
102.  
103. // Send to the Welcome JSP page
104.  
105. RequestDispatcher dispatcher = request.getRequestDispatcher( "welcome.jsp" );
106. dispatcher.forward( request, response );
107.  
108. } else {
109. // Not a valid login
110. // refer them back to the Login screen
111.  
112. request.setAttribute( "ErrorMessage", "Invalid Username or Password. Try again or contact Jim." );
113. RequestDispatcher dispatcher = request.getRequestDispatcher( "login.jsp" );
114. dispatcher.forward( request, response );
115. }
116. }
117.  
118. /**
119. * Returns a short description of the servlet.
120. *
121. * @return a String containing servlet description
122. */
123. @Override
124. public String getServletInfo() {
125. return "Short description";
126. }// </editor-fold>
127.  
128. // Method to Authenticate
129. public boolean validate(String name, String pass) throws Exception {
130. boolean status = false;
131. int hitcnt = 0;
132.  
133. TrippleDes td = new TrippleDes();
134.  
135. try {
136. ClientDataSource ds = new ClientDataSource();
137. ds.setDatabaseName( "SDEV425" );
138. ds.setServerName( "localhost" );
139. ds.setPortNumber( 1527 );
140. ds.setUser( td.decrypt( td.getDbUname() ) );
141. ds.setPassword( td.decrypt( td.getDbpname() ) );
142. ds.setDataSourceName( "jdbc:derby" );
143.  
144. Connection conn = ds.getConnection();
145. Statement statement = null;
146. PreparedStatement preparedStatement = null, preparedStatement2 = null;
147. ResultSet resultSet = null;
148.  
149. try {
150. String query = "select user_id from sdev_users where email = ?";
151. preparedStatement = conn.prepareStatement( query );
152. preparedStatement.setString( 1, name );
153. preparedStatement.executeQuery();
154.  
155. } catch (Exception e) {
156. e.printStackTrace();
157. }
158.  
159. String query2 = "select user_id from user_info where user_id = ? and password = ?";
160. preparedStatement2 = con.prepareStatement(query2);
161. preparedStatement2.setString(1, user_id);
162. preparedStatement2.setString(2, this.pword);
163. preparedStatement2.executeQuery();
164. } catch (Exception e) {
165. e.printStackTrace();
166. }
167. return status;
168. }
169. }