I am currently making a dvd browsing system using JSP / Java Servlets and am having trouble figuring out a way to make my login page a bit more efficient.
My current login system does this: When a user submits the correct email/password combination, a servlet checks to see if the combination is correct and they are redirected to a lobby page. If a password is wrong, they are sent to a /retry.jsp page which is basically a duplicate copy of the login page with an extra
stating that the password is wrong.
I recognize this is not the best way to do this but is there an alternative method of implement开发者_开发问答ing a solid login page?
EDIT I found kind of a solution to my problem albeit maybe not the best. I used the session variable to hold a value "badlogin" if the wrong username/password combination was used. If this session variable existed then the "wrong password" message would show. Any comments on this?
I haven't used JSP, but in most web app frameworks I've used it is possible to use a variable to toggle and error message in the template. You use the same page for both views, but when it is displayed for a failed attempt, an extra div is inserted with the appropriate message.
You can have your servlet validate the password:
For example:
In the login page jsp:
<%
if(request.getAttribute("passwordError")!=null){
out.print(request.getAttribute("passwordError");
}
%>
In the Servlet
if(request.getParameter("password")!=null&&request.getParameter("password").equals("correctPassword"){
// Redirect to Lobby Page
}
else{
request.setAttribute("passwordError", "Incorrect Password");
// Send back to login page
}
This will then display the password error on the login page, avoiding page duplication and the need to use sessions.
Hope this helps.
Tobias.
精彩评论