tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rekha Ravi Pai <re...@softjin.com>
Subject Re: Problem in accessing jsp:useBean
Date Thu, 18 Nov 2010 05:29:42 GMT
users-digest-help@tomcat.apache.org wrote:

      users Digest 15 Nov 2010 11:40:18 -0000 Issue 10062

      Topics (messages 219005 through 219016):

      Re: Tomcat 6.0.29 using more and more RAM until it collapses?
      	219005 by: Andr Warnier
      	219010 by: Mark Thomas

      Re: 7.0.4 problem
      	219006 by: Anthony J. Biacco

      Re: Using mod_jk in cluster environment responds HTTP 500
      	219007 by: rikslovein
      	219009 by: Andr Warnier
      	219013 by: rikslovein

      Problem in accessing jsp:useBean
      	219008 by: Rekha Ravi Pai
      	219011 by: Mark Thomas

      Re: Shutting down one instance of tomcat 6 from a listener
      	219012 by: Patrick Sauts

      Tomcat Going down Frequently
      	219014 by: Amol Puglia
      	219015 by: Andr Warnier
      	219016 by: Pid

      Administrivia:




      Subject:
      Problem in accessing jsp:useBean
      From:
      Rekha Ravi Pai <rekha@softjin.com>
      Date:
      Mon, 15 Nov 2010 12:40:46 +0530
      To:
      users@tomcat.apache.org
      To:
      users@tomcat.apache.org

      Hi,
      I have installed tomcat-6.0.20 and postgresql-9.0.1
      I have created a java bean PasswordEncryptService.java
      I have kept it in WEB-INF/classes/beans directory and in beans 
package.
      I compiled the java file and successfully ran the class and could
      enter a data in a table in pgsql database.
      I have created a jsp file under webapps/apps/InfoMgmt/secure 
directory.
      In this jsp file I imported the PasswordEncryptService class and used 
the
      bean under the tag jsp:useBean. But I am getting the following error.

      The value for the useBean class attribute PasswordEncryptService is 
invalid.


      Can anybody please, help me in resolving this issue?

      Thanks and Regards,
      Rekha.





      Subject:
      Re: Problem in accessing jsp:useBean
      From:
      Mark Thomas <markt@apache.org>
      Date:
      Mon, 15 Nov 2010 09:04:37 +0000
      To:
      Tomcat Users List <users@tomcat.apache.org>
      To:
      Tomcat Users List <users@tomcat.apache.org>

      On 15/11/2010 07:10, Rekha Ravi Pai wrote:


          Hi,
          I have installed tomcat-6.0.20 and postgresql-9.0.1
          I have created a java bean PasswordEncryptService.java
          I have kept it in WEB-INF/classes/beans directory and in beans 
package.
          I compiled the java file and successfully ran the class and could
          enter a data in a table in pgsql database.
          I have created a jsp file under webapps/apps/InfoMgmt/secure 
directory.
          In this jsp file I imported the PasswordEncryptService class and 
used the
          bean under the tag jsp:useBean. But I am getting the following 
error.

          The value for the useBean class attribute PasswordEncryptService 
is
          invalid.


          Can anybody please, help me in resolving this issue?



      Not without you showing us the source for the simplest JSP and bean 
that
      recreates this issue.

      Mark





PasswordEncryptService.java file I am giving below.
I have placed this in the path
/usr/local/apache-tomcat-6.0.20/webapps/apps/WEB-INF/classes/beans

/// class to verify the password
package beans;

import java.security.NoSuchAlgorithmException;
import java.io.*; //UnsupportedEncodingException;
import java.security.MessageDigest;
import org.apache.commons.codec.binary.Base64;
import java.security.DigestOutputStream;
import java.sql.*;

public class PasswordEncryptService implements Serializable {
      private static final long serialVersionUID = 7526472295622776147L;
      Connection con;
      Statement stm ;
      ResultSet rs = null;

      public PasswordEncryptService (){
          try{
              Class.forName("org.postgresql.Driver");
              con = 
DriverManager.getConnection("jdbc:postgresql:employee_release","postgres", 
"");
              stm = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, 
ResultSet.CONCUR_UPDATABLE);
          }
          catch (SQLException sqle ){
                  sqle.printStackTrace();
          }
          catch (ClassNotFoundException cnfe  ) {
                  cnfe.printStackTrace();
          }

      }

      private String getEncryptedString  (String rawString ) throws 
Exception {  /// encrypt the raw String using SHA algorithm
          String encryptedString = "";
          byte[] encoded = Base64.encodeBase64(rawString.getBytes());

          encryptedString = new String(encoded);
          return encryptedString;
      }

      public void writeNewPasswd(String username,String passwd)throws 
Exception { ///writing new password in case the password is forgotten
          String encryptedPasswd = "";
          try{
              encryptedPasswd = getEncryptedString(passwd);
          }
          catch(Exception e){

              e.toString();
              //System.out.println(e.toString());
          }
          String query = "insert into passwd_tbl values(\'"+username;
          query += "\',\'"+encryptedPasswd+"\')";
          try{
              int a = stm.executeUpdate(query);
          }catch(SQLException e){
              System.out.println(e.toString());
          }
      }

      public void changePasswd(String username,String passwd,String 
newPwd)throws Exception { /// reading all username/passwd in a vector 
deleting the perticular user and writing back the vector
          String encryptedPasswd = "";
          String encryptedNewPwd = "";
          String readPasswd = "";
          try{
              encryptedPasswd = getEncryptedString(passwd);
              encryptedNewPwd = getEncryptedString(newPwd);
          }
          catch(Exception e){

              e.toString();
              //System.out.println(e.toString());
          }
          String query = "select * from passwd_tbl where ";
          query += "username=\'"+username+"\'";
          try{
              rs = stm.executeQuery(query);
          }catch(SQLException e){
              System.out.println(e.toString());
          }
          if(rs.next()){
              readPasswd = rs.getString("password");
          }
          if(encryptedPasswd.equals(readPasswd)){
              String updateQuery = "update passwd_tbl set password=";
              updateQuery += "\'"+encryptedNewPwd+"\' where ";
              updateQuery += "username=\'"+username+"\'";
              try{
                  int a = stm.executeUpdate(updateQuery);
              }catch(SQLException e){
                  System.out.println(e.toString());
              }
          }

      }

      private String readPassword (String username)  throws Exception {
//        String passwordFromFile = "";
          boolean isFound = false;
          int data;

          String readUsername = "", readPasswd  = "";
          String query = "select password from passwd_tbl where ";
          query += "username=\'"+username+"\'";
          try{
              rs = stm.executeQuery(query);
          }catch(SQLException e){
              System.out.println(e.toString());
          }
          if(rs.next()){
              readPasswd = rs.getString("password");
              isFound = true;
          }else{
              throw new NullPointerException (" Username  not found ");
          }
          return readPasswd;
      }


      /// Check if the suplied password is correct for the given username
      public boolean isPasswordCorrect (String username, String passwd) 
throws Exception {
          String passwordFromFile = "";
          String encryptedPassword = "";
          try {
              passwordFromFile = readPassword (username);
          } catch (Exception e) {
              throw new Exception ("Error reading password for the user (" + 
username + ") : " + e.getMessage());
          }

          try {
              encryptedPassword = getEncryptedString (passwd) ;
          } catch (Exception e ) {
              throw new Exception ("Error encrypting the password : " + 
e.getMessage());
          }

          return passwordFromFile.equals (encryptedPassword);

      }

      private boolean isDuplicateUsername (String username) throws Exception 
{
          boolean isDuplicate = false;
          String query = "select * from passwd_tbl where ";
          query += "username=\'"+username+"\'";
          try{
              rs = stm.executeQuery(query);
          }catch(SQLException e){
              System.out.println(e.toString());
          }
          if(rs.next()){
              isDuplicate = true;
          }
          return isDuplicate;

      }

      public void writeUsernamePassword (String username, String password) 
throws Exception {
                  /// Write the username:password for a new user into the 
passwdFile.
          String encryptedPassword ;
          String loginString;
          byte [] byteArray ;
//        RandomAccessFile raFile = new 
RandomAccessFile(passwdFile,"rw");;

          try {
              encryptedPassword = getEncryptedString (password);
              System.out.println(encryptedPassword);
          } catch (Exception e) {
              throw new Exception  ("Could not write username:password for 
the user " + username + "  "  + e.getMessage());

          }

          if (isDuplicateUsername (username)) {
              throw new Exception ("Duplication Error : the user already 
exists ");
          } else {
              String query = "insert into passwd_tbl values(\'"+username;
              query += "\',\'"+encryptedPassword+"\')";
              try {
                  int a = stm.executeUpdate(query);
              }catch(SQLException e){
                  System.out.println(e.toString());
              }
          }
      }
/*
      public static void main (String [] args) throws Exception {
          PasswordEncryptService verify = new PasswordEncryptService ();
//        System.out.println ("path : " + verify.getFilePath ());
          if (args.length != 2) {
              System.out.println ("Usage : java VerifyPasswd <username> 
<password>  ");
              System.exit (1);
          }

          String username = args[0];
          String password = args [1];
//        String newPwd = args[2];
//        verify.changePasswd(username,password,newPwd);
          verify.writeUsernamePassword (username, password);
//        System.out.println(verify.getEncryptedString(password));
          boolean isCorrect = verify.isPasswordCorrect (username, password);
          if (isCorrect)
              System.out.println ("Access Granted");
          else
              System.out.println ("Access Denied ");
      }
*/
}

_______________________________________________________________________________

This file compiles and runs (when run using java PasswordEncryptService 
abc xyz) as expected.

My jsp file VerifyPassword.jsp that uses this bean is given below. This 
file is placed in the directory
/usr/local/apache-tomcat-6.0.20/webapps/apps/InfoMgmt/secureNew

<HTML>
<HEAD>

<TITLE>Creating the New User Account </TITLE>
</HEAD>

<BODY>

<%@ page import = "beans.*, java.sql.*"%>

<jsp:useBean id="verify" scope="session" class="PasswordEncryptService" />

<jsp:useBean id="error" scope="session" class="ErrorMessageBean" />

<jsp:useBean id="cctry" scope="session" class="ConnectorClassTry" />

<%
      error.initialise ();
      error.setUrl ("secureNew/VerifyPassword.jsp");
%>

<%!
Statement stmt;
Connection con=null;
ResultSet rs;
String login, passwd,empNum;
String email;
      public void jspDestroy(){
          con = null;
      }
%>

<%
      empNum = null;
      login = request.getParameter ("login");
      email = login+"@softjin.com";
      passwd = request.getParameter("passwd");
      boolean isCorrect = false;
      boolean canAccess = false;
//    isCorrect = true;
      String referer = request.getHeader("referer");
      out.println(referer);
      try {
          System.out.println(login);
          isCorrect = verify.isPasswordCorrect(login, passwd);
      } catch (Exception e) {
          error.setMessage ("Could not log-in : " + e.getMessage ());
      %>
          <jsp:forward page = "Error.jsp" />
      <%
      }
      String query = "select empid from employee_details where loginid = \'" 
+ email + "\'";
      if (isCorrect && 
(!login.startsWith("librar"))&&(!login.equals("sysadmin")) && 
(!login.equals("hrmgr")) && (!login.equals("finance")) && 
(!login.equals("admin"))){
              con = cctry.getConnection ();
          try {
              stmt = con.createStatement (ResultSet.TYPE_SCROLL_INSENSITIVE, 
ResultSet.CONCUR_UPDATABLE);

              rs = stmt.executeQuery (query);
              if (rs.next ()) {  /// If a user exists
//                session.removeAttribute("empid");
                  session.setAttribute ("empid" , rs.getString ("empid")) 
;
              } else {
                  throw new Exception  (" Could not get empid for <B>"  + 
login + "</B>" );
              }
          }
          catch (Exception e ) {
//            con.close();
//            stmt.close();
              error.setMessage ("Error occurred while obtaining empid : " + 
e.getMessage ());
          %>
              <jsp:forward page = "Error.jsp"  />
          <%
          }
              /// Clean up
          finally {
              try {
                  rs.close ();
                  stmt.close ();
                  con.close ();
              }catch (Exception e) {
                  rs = null; con = null; stmt = null;
              }
          }

          session.removeAttribute("email");
          session.setAttribute("email",email);
          session.removeAttribute("user");
          session.setAttribute("user",login);
          canAccess = true;
      }
      if(isCorrect && 
(login.startsWith("librar")||login.equals("sysadmin")||login.equals("hrmgr")||login.equals("finance")||login.equals("admin"))){

          session.removeAttribute("email");
          session.setAttribute("email",email);
          session.removeAttribute("user");
          session.setAttribute("user",login);
          canAccess = true;
      }
      if(canAccess){
          out.print(login);
          if(isCorrect){
              out.print("true");
          }else{
              out.print("false");
          }

          if(login.equals("admin")){
      %>
          <jsp:forward page="DifferentFormLinks.jsp" />
      <%
          }else 
if(login.startsWith("librar")||login.equals("sysadmin")||login.equals("hrmgr")||login.equals("finance")){
      %>
          <jsp:forward page="homepage.jsp" />
      <%
          }else{
              String empId = (String)session.getAttribute("empid");

if(referer.endsWith("secureNew/index.jsp")||referer.endsWith("secureNew/index_intab.jsp")||referer.endsWith("secureNew/CreateNewUser.jsp")){
              %>
                  <jsp:forward page="homepage.jsp" />
              <%
              }
          }
      }
      else{
          error.setMessage ("Could not log-in : wrong username/password" );
      %>
          <jsp:forward page = "Error.jsp" />
      <%
      }
%>

</body>
</html>


Regards,
Rekha.



Business Disclaimer
____________________________________________________________
This e-mail message and any files transmitted with it are intended solely
for  the use  of the  individual or entity  to which they  are  addressed. It
may  contain confidential,  proprietary or legally  privileged  information.
If  you  are  not  the  intended recipient please be advised that you have
received  this  message in error and any use is strictly prohibited. Please
immediately  delete it  and all copies of it from your system, destroy any
hard  copies  of  it and  notify  the  sender  by return mail. You must not,
directly or indirectly, use,  disclose,  distribute, print, or copy any part of
this message if you are not the intended recipient.
___________________________________________________________


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message