yea I did attach a .java file, anyways I am posting the code here;
 
package org.mcb.services;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
 *
 * @author yawar.saeed
 */
public class loginmanager extends HttpServlet {
   
    protected void processRequest(HttpServletRequest request, 
HttpServletResponse response)
    throws ServletException, IOException {
        response.setContentType("text/html;charset=iso-8859-1");
        PrintWriter out = response.getWriter();
        try {
             userbean user = new userbean();
             user.setUserId(request.getParameter("txt_userid"));
             user.setPassword(request.getParameter("txt_pass"));
             user = udac.login(user);
             if (user.isValid()){
                  HttpSession session = request.getSession(true);
                  session.setAttribute("user_id",user.getUserId());
                  session.setAttribute("user_name",user.getName());
                  session.setAttribute("role_id",user.getRole());
                  session.setAttribute("role_desc", user.getRoleDesc());
                  session.setAttribute("last_login", user.getLastLogin());
                  //response.sendRedirect("main.jsp"); //logged-in page
                  response.sendRedirect(response.encodeRedirectURL("main.jsp"));
             }else{
                //  response.sendRedirect("index.jsp?user="+user.isValid()); 
//revert back to login page
                  
response.sendRedirect(response.encodeRedirectURL("index.jsp?user="+user.isValid()));
 //revert back to login page
             }
        } finally {
            out.close();
        }
    } 
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse 
response)
    throws ServletException, IOException {
        processRequest(request, response);
    } 
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse 
response)
    throws ServletException, IOException {
        processRequest(request, response);
    }
}


________________________________

From: Wesley Acheson [mailto:wesley.ache...@gmail.com]
Sent: Fri 20-Aug-10 1:56 AM
To: Tomcat Users List
Subject: Re: Sessions mix-up on Tomcat 6.0.26 on Linux



Sorry can't see it. Are you sure you attached it? you could use something
like pastebin if the mail list does accept attachments


On Thu, Aug 19, 2010 at 9:27 PM, Yawar Saeed Khan/ITG/Karachi <
yawar.sa...@mcb.com.pk> wrote:

> source code is attached;
>
> suggestions are welcome.
>
> ________________________________
>
> From: Wesley Acheson [mailto:wesley.ache...@gmail.com]
> Sent: Fri 20-Aug-10 12:38 AM
> To: Tomcat Users List
> Subject: Re: Sessions mix-up on Tomcat 6.0.26 on Linux
>
>
>
> Okay I've a little tehory could you post the entire code for loginmanager.
>
> How is udac declared?  If its a class variable then *ITS NOT THREAD SAFE*.
> As a basic rule don't declare class variables in a servlet (There are
> exceptions to this rule but you shouldn't under normal circumstances)
>
>
>
> This E-mail is confidential. It may also be legally privileged. If you are
> not the addressee you may not copy, forward, disclose or use any part of it.
> If you have received this message in error, please delete it and all copies
> from your system and notify the sender immediately by return E-mail.
> Internet communications cannot be guaranteed to be timely, secure, error or
> virus-free. MCB Bank does not accept liability for any errors or omissions.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>



This E-mail is confidential. It may also be legally privileged. If you are not 
the addressee you may not copy, forward, disclose or use any part of it. If you 
have received this message in error, please delete it and all copies from your 
system and notify the sender immediately by return E-mail. Internet 
communications cannot be guaranteed to be timely, secure, error or virus-free. 
MCB Bank does not accept liability for any errors or omissions.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to