tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pid <...@pidster.com>
Subject Re: Problem in accessing jsp:useBean
Date Thu, 18 Nov 2010 09:11:41 GMT
On 18/11/2010 05:29, Rekha Ravi Pai wrote:
> users-digest-help@tomcat.apache.org wrote:
> 
>      users Digest 15 Nov 2010 11:40:18 -0000 Issue 10062
> 
>      Topics (messages 219005 through 219016):
> 
>      Re: Tomcat 6.0.29 using more and more RAM until it collapses?
>          219005 by: Andr Warnier
>          219010 by: Mark Thomas
> 
>      Re: 7.0.4 problem
>          219006 by: Anthony J. Biacco
> 
>      Re: Using mod_jk in cluster environment responds HTTP 500
>          219007 by: rikslovein
>          219009 by: Andr Warnier
>          219013 by: rikslovein
> 
>      Problem in accessing jsp:useBean
>          219008 by: Rekha Ravi Pai
>          219011 by: Mark Thomas
> 
>      Re: Shutting down one instance of tomcat 6 from a listener
>          219012 by: Patrick Sauts
> 
>      Tomcat Going down Frequently
>          219014 by: Amol Puglia
>          219015 by: Andr Warnier
>          219016 by: Pid
> 
>      Administrivia:

The digest?  Why are you making me read the digest of the list?


>      Subject:
>      Problem in accessing jsp:useBean
>      From:
>      Rekha Ravi Pai <rekha@softjin.com>
>      Date:
>      Mon, 15 Nov 2010 12:40:46 +0530
>      To:
>      users@tomcat.apache.org
>      To:
>      users@tomcat.apache.org
> 
>      Hi,
>      I have installed tomcat-6.0.20 and postgresql-9.0.1
>      I have created a java bean PasswordEncryptService.java
>      I have kept it in WEB-INF/classes/beans directory and in beans
> package.
>      I compiled the java file and successfully ran the class and could
>      enter a data in a table in pgsql database.
>      I have created a jsp file under webapps/apps/InfoMgmt/secure
> directory.
>      In this jsp file I imported the PasswordEncryptService class and
> used the
>      bean under the tag jsp:useBean. But I am getting the following error.
> 
>      The value for the useBean class attribute PasswordEncryptService is
> invalid.
> 
> 
>      Can anybody please, help me in resolving this issue?
> 
>      Thanks and Regards,
>      Rekha.
> 
> 
> 
> 
> 
>      Subject:
>      Re: Problem in accessing jsp:useBean
>      From:
>      Mark Thomas <markt@apache.org>
>      Date:
>      Mon, 15 Nov 2010 09:04:37 +0000
>      To:
>      Tomcat Users List <users@tomcat.apache.org>
>      To:
>      Tomcat Users List <users@tomcat.apache.org>
> 
>      On 15/11/2010 07:10, Rekha Ravi Pai wrote:
> 
> 
>          Hi,
>          I have installed tomcat-6.0.20 and postgresql-9.0.1
>          I have created a java bean PasswordEncryptService.java
>          I have kept it in WEB-INF/classes/beans directory and in beans
> package.
>          I compiled the java file and successfully ran the class and could
>          enter a data in a table in pgsql database.
>          I have created a jsp file under webapps/apps/InfoMgmt/secure
> directory.
>          In this jsp file I imported the PasswordEncryptService class
> and used the
>          bean under the tag jsp:useBean. But I am getting the following
> error.
> 
>          The value for the useBean class attribute
> PasswordEncryptService is
>          invalid.
> 
> 
>          Can anybody please, help me in resolving this issue?
> 
> 
> 
>      Not without you showing us the source for the simplest JSP and bean
> that
>      recreates this issue.
> 
>      Mark
> 

</Tedious scrolling completed>

So...

> PasswordEncryptService.java file I am giving below.
> I have placed this in the path
> /usr/local/apache-tomcat-6.0.20/webapps/apps/WEB-INF/classes/beans
> 
> /// class to verify the password
> package beans;
> 
> import java.security.NoSuchAlgorithmException;
> import java.io.*; //UnsupportedEncodingException;
> import java.security.MessageDigest;
> import org.apache.commons.codec.binary.Base64;
> import java.security.DigestOutputStream;
> import java.sql.*;
> 
> public class PasswordEncryptService implements Serializable {
>      private static final long serialVersionUID = 7526472295622776147L;
>      Connection con;
>      Statement stm ;
>      ResultSet rs = null;
> 
>      public PasswordEncryptService (){
>          try{
>              Class.forName("org.postgresql.Driver");
>              con =
> DriverManager.getConnection("jdbc:postgresql:employee_release","postgres",
> "");
>              stm =
> con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,
> ResultSet.CONCUR_UPDATABLE);
>          }
>          catch (SQLException sqle ){
>                  sqle.printStackTrace();
>          }
>          catch (ClassNotFoundException cnfe  ) {
>                  cnfe.printStackTrace();
>          }

So when you plan on closing the database connection you're opening in
the bean constructor?


p


>      }
> 
>      private String getEncryptedString  (String rawString ) throws
> Exception {  /// encrypt the raw String using SHA algorithm
>          String encryptedString = "";
>          byte[] encoded = Base64.encodeBase64(rawString.getBytes());
> 
>          encryptedString = new String(encoded);
>          return encryptedString;
>      }
> 
>      public void writeNewPasswd(String username,String passwd)throws
> Exception { ///writing new password in case the password is forgotten
>          String encryptedPasswd = "";
>          try{
>              encryptedPasswd = getEncryptedString(passwd);
>          }
>          catch(Exception e){
> 
>              e.toString();
>              //System.out.println(e.toString());
>          }
>          String query = "insert into passwd_tbl values(\'"+username;
>          query += "\',\'"+encryptedPasswd+"\')";
>          try{
>              int a = stm.executeUpdate(query);
>          }catch(SQLException e){
>              System.out.println(e.toString());
>          }
>      }
> 
>      public void changePasswd(String username,String passwd,String
> newPwd)throws Exception { /// reading all username/passwd in a vector
> deleting the perticular user and writing back the vector
>          String encryptedPasswd = "";
>          String encryptedNewPwd = "";
>          String readPasswd = "";
>          try{
>              encryptedPasswd = getEncryptedString(passwd);
>              encryptedNewPwd = getEncryptedString(newPwd);
>          }
>          catch(Exception e){
> 
>              e.toString();
>              //System.out.println(e.toString());
>          }
>          String query = "select * from passwd_tbl where ";
>          query += "username=\'"+username+"\'";
>          try{
>              rs = stm.executeQuery(query);
>          }catch(SQLException e){
>              System.out.println(e.toString());
>          }
>          if(rs.next()){
>              readPasswd = rs.getString("password");
>          }
>          if(encryptedPasswd.equals(readPasswd)){
>              String updateQuery = "update passwd_tbl set password=";
>              updateQuery += "\'"+encryptedNewPwd+"\' where ";
>              updateQuery += "username=\'"+username+"\'";
>              try{
>                  int a = stm.executeUpdate(updateQuery);
>              }catch(SQLException e){
>                  System.out.println(e.toString());
>              }
>          }
> 
>      }
> 
>      private String readPassword (String username)  throws Exception {
> //        String passwordFromFile = "";
>          boolean isFound = false;
>          int data;
> 
>          String readUsername = "", readPasswd  = "";
>          String query = "select password from passwd_tbl where ";
>          query += "username=\'"+username+"\'";
>          try{
>              rs = stm.executeQuery(query);
>          }catch(SQLException e){
>              System.out.println(e.toString());
>          }
>          if(rs.next()){
>              readPasswd = rs.getString("password");
>              isFound = true;
>          }else{
>              throw new NullPointerException (" Username  not found ");
>          }
>          return readPasswd;
>      }
> 
> 
>      /// Check if the suplied password is correct for the given username
>      public boolean isPasswordCorrect (String username, String passwd)
> throws Exception {
>          String passwordFromFile = "";
>          String encryptedPassword = "";
>          try {
>              passwordFromFile = readPassword (username);
>          } catch (Exception e) {
>              throw new Exception ("Error reading password for the user
> (" + username + ") : " + e.getMessage());
>          }
> 
>          try {
>              encryptedPassword = getEncryptedString (passwd) ;
>          } catch (Exception e ) {
>              throw new Exception ("Error encrypting the password : " +
> e.getMessage());
>          }
> 
>          return passwordFromFile.equals (encryptedPassword);
> 
>      }
> 
>      private boolean isDuplicateUsername (String username) throws
> Exception {
>          boolean isDuplicate = false;
>          String query = "select * from passwd_tbl where ";
>          query += "username=\'"+username+"\'";
>          try{
>              rs = stm.executeQuery(query);
>          }catch(SQLException e){
>              System.out.println(e.toString());
>          }
>          if(rs.next()){
>              isDuplicate = true;
>          }
>          return isDuplicate;
> 
>      }
> 
>      public void writeUsernamePassword (String username, String
> password) throws Exception {
>                  /// Write the username:password for a new user into the
> passwdFile.
>          String encryptedPassword ;
>          String loginString;
>          byte [] byteArray ;
> //        RandomAccessFile raFile = new RandomAccessFile(passwdFile,"rw");;
> 
>          try {
>              encryptedPassword = getEncryptedString (password);
>              System.out.println(encryptedPassword);
>          } catch (Exception e) {
>              throw new Exception  ("Could not write username:password
> for the user " + username + "  "  + e.getMessage());
> 
>          }
> 
>          if (isDuplicateUsername (username)) {
>              throw new Exception ("Duplication Error : the user already
> exists ");
>          } else {
>              String query = "insert into passwd_tbl values(\'"+username;
>              query += "\',\'"+encryptedPassword+"\')";
>              try {
>                  int a = stm.executeUpdate(query);
>              }catch(SQLException e){
>                  System.out.println(e.toString());
>              }
>          }
>      }
> /*
>      public static void main (String [] args) throws Exception {
>          PasswordEncryptService verify = new PasswordEncryptService ();
> //        System.out.println ("path : " + verify.getFilePath ());
>          if (args.length != 2) {
>              System.out.println ("Usage : java VerifyPasswd <username>
> <password>  ");
>              System.exit (1);
>          }
> 
>          String username = args[0];
>          String password = args [1];
> //        String newPwd = args[2];
> //        verify.changePasswd(username,password,newPwd);
>          verify.writeUsernamePassword (username, password);
> //        System.out.println(verify.getEncryptedString(password));
>          boolean isCorrect = verify.isPasswordCorrect (username, password);
>          if (isCorrect)
>              System.out.println ("Access Granted");
>          else
>              System.out.println ("Access Denied ");
>      }
> */
> }
> 
> _______________________________________________________________________________
> 
> 
> This file compiles and runs (when run using java PasswordEncryptService
> abc xyz) as expected.
> 
> My jsp file VerifyPassword.jsp that uses this bean is given below. This
> file is placed in the directory
> /usr/local/apache-tomcat-6.0.20/webapps/apps/InfoMgmt/secureNew
> 
> <HTML>
> <HEAD>
> 
> <TITLE>Creating the New User Account </TITLE>
> </HEAD>
> 
> <BODY>
> 
> <%@ page import = "beans.*, java.sql.*"%>
> 
> <jsp:useBean id="verify" scope="session" class="PasswordEncryptService" />
> 
> <jsp:useBean id="error" scope="session" class="ErrorMessageBean" />
> 
> <jsp:useBean id="cctry" scope="session" class="ConnectorClassTry" />
> 
> <%
>      error.initialise ();
>      error.setUrl ("secureNew/VerifyPassword.jsp");
> %>
> 
> <%!
> Statement stmt;
> Connection con=null;
> ResultSet rs;
> String login, passwd,empNum;
> String email;
>      public void jspDestroy(){
>          con = null;
>      }
> %>
> 
> <%
>      empNum = null;
>      login = request.getParameter ("login");
>      email = login+"@softjin.com";
>      passwd = request.getParameter("passwd");
>      boolean isCorrect = false;
>      boolean canAccess = false;
> //    isCorrect = true;
>      String referer = request.getHeader("referer");
>      out.println(referer);
>      try {
>          System.out.println(login);
>          isCorrect = verify.isPasswordCorrect(login, passwd);
>      } catch (Exception e) {
>          error.setMessage ("Could not log-in : " + e.getMessage ());
>      %>
>          <jsp:forward page = "Error.jsp" />
>      <%
>      }
>      String query = "select empid from employee_details where loginid =
> \'" + email + "\'";
>      if (isCorrect &&
> (!login.startsWith("librar"))&&(!login.equals("sysadmin")) &&
> (!login.equals("hrmgr")) && (!login.equals("finance")) &&
> (!login.equals("admin"))){
>              con = cctry.getConnection ();
>          try {
>              stmt = con.createStatement
> (ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE);
> 
>              rs = stmt.executeQuery (query);
>              if (rs.next ()) {  /// If a user exists
> //                session.removeAttribute("empid");
>                  session.setAttribute ("empid" , rs.getString ("empid")) ;
>              } else {
>                  throw new Exception  (" Could not get empid for <B>"  +
> login + "</B>" );
>              }
>          }
>          catch (Exception e ) {
> //            con.close();
> //            stmt.close();
>              error.setMessage ("Error occurred while obtaining empid : "
> + e.getMessage ());
>          %>
>              <jsp:forward page = "Error.jsp"  />
>          <%
>          }
>              /// Clean up
>          finally {
>              try {
>                  rs.close ();
>                  stmt.close ();
>                  con.close ();
>              }catch (Exception e) {
>                  rs = null; con = null; stmt = null;
>              }
>          }
> 
>          session.removeAttribute("email");
>          session.setAttribute("email",email);
>          session.removeAttribute("user");
>          session.setAttribute("user",login);
>          canAccess = true;
>      }
>      if(isCorrect &&
> (login.startsWith("librar")||login.equals("sysadmin")||login.equals("hrmgr")||login.equals("finance")||login.equals("admin"))){
> 
> 
>          session.removeAttribute("email");
>          session.setAttribute("email",email);
>          session.removeAttribute("user");
>          session.setAttribute("user",login);
>          canAccess = true;
>      }
>      if(canAccess){
>          out.print(login);
>          if(isCorrect){
>              out.print("true");
>          }else{
>              out.print("false");
>          }
> 
>          if(login.equals("admin")){
>      %>
>          <jsp:forward page="DifferentFormLinks.jsp" />
>      <%
>          }else
> if(login.startsWith("librar")||login.equals("sysadmin")||login.equals("hrmgr")||login.equals("finance")){
> 
>      %>
>          <jsp:forward page="homepage.jsp" />
>      <%
>          }else{
>              String empId = (String)session.getAttribute("empid");
> 
> if(referer.endsWith("secureNew/index.jsp")||referer.endsWith("secureNew/index_intab.jsp")||referer.endsWith("secureNew/CreateNewUser.jsp")){
> 
>              %>
>                  <jsp:forward page="homepage.jsp" />
>              <%
>              }
>          }
>      }
>      else{
>          error.setMessage ("Could not log-in : wrong username/password" );
>      %>
>          <jsp:forward page = "Error.jsp" />
>      <%
>      }
> %>
> 
> </body>
> </html>
> 
> 
> Regards,
> Rekha.
> 
> 
> 
> Business Disclaimer
> ____________________________________________________________
> This e-mail message and any files transmitted with it are intended solely
> for  the use  of the  individual or entity  to which they  are 
> addressed. It
> may  contain confidential,  proprietary or legally  privileged 
> information.
> If  you  are  not  the  intended recipient please be advised that you have
> received  this  message in error and any use is strictly prohibited. Please
> immediately  delete it  and all copies of it from your system, destroy any
> hard  copies  of  it and  notify  the  sender  by return mail. You must
> not,
> directly or indirectly, use,  disclose,  distribute, print, or copy any
> part of
> this message if you are not the intended recipient.
> ___________________________________________________________
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 


Mime
View raw message