Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 14102 invoked from network); 18 Nov 2010 05:29:45 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 18 Nov 2010 05:29:45 -0000 Received: (qmail 98099 invoked by uid 500); 18 Nov 2010 05:30:12 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 97844 invoked by uid 500); 18 Nov 2010 05:30:12 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 97828 invoked by uid 99); 18 Nov 2010 05:30:11 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Nov 2010 05:30:11 +0000 X-ASF-Spam-Status: No, hits=1.5 required=10.0 tests=DNS_FROM_RFC_BOGUSMX,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy) Received: from [203.196.146.77] (HELO mta.softjin.com) (203.196.146.77) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Nov 2010 05:30:06 +0000 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AoIMAPNH5EwKAAAX/2dsb2JhbACUTwGNBgGBbL4BgwUIAQSCOQSEWIYCgnI X-IronPort-AV: E=Sophos;i="4.59,215,1288549800"; d="scan'208";a="2792059" Received: from srv23.softjin.com ([10.0.0.23]) by mta.softjin.com with ESMTP; 18 Nov 2010 10:58:12 +0530 Received: from pcsrv11.softjin.com (pcsrv11.softjin.com [10.0.0.11]) by srv23.softjin.com (Postfix) with ESMTP id 94B2E9F98 for ; Thu, 18 Nov 2010 10:59:42 +0530 (IST) Date: Thu, 18 Nov 2010 10:59:42 +0530 (IST) From: Rekha Ravi Pai To: users@tomcat.apache.org Subject: Re: Problem in accessing jsp:useBean Message-ID: MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: TEXT/PLAIN; charset="us-ascii"; format="flowed" users-digest-help@tomcat.apache.org wrote: users Digest 15 Nov 2010 11:40:18 -0000 Issue 10062 Topics (messages 219005 through 219016): Re: Tomcat 6.0.29 using more and more RAM until it collapses? 219005 by: Andr Warnier 219010 by: Mark Thomas Re: 7.0.4 problem 219006 by: Anthony J. Biacco Re: Using mod_jk in cluster environment responds HTTP 500 219007 by: rikslovein 219009 by: Andr Warnier 219013 by: rikslovein Problem in accessing jsp:useBean 219008 by: Rekha Ravi Pai 219011 by: Mark Thomas Re: Shutting down one instance of tomcat 6 from a listener 219012 by: Patrick Sauts Tomcat Going down Frequently 219014 by: Amol Puglia 219015 by: Andr Warnier 219016 by: Pid Administrivia: Subject: Problem in accessing jsp:useBean From: Rekha Ravi Pai Date: Mon, 15 Nov 2010 12:40:46 +0530 To: users@tomcat.apache.org To: users@tomcat.apache.org Hi, I have installed tomcat-6.0.20 and postgresql-9.0.1 I have created a java bean PasswordEncryptService.java I have kept it in WEB-INF/classes/beans directory and in beans package. I compiled the java file and successfully ran the class and could enter a data in a table in pgsql database. I have created a jsp file under webapps/apps/InfoMgmt/secure directory. In this jsp file I imported the PasswordEncryptService class and used the bean under the tag jsp:useBean. But I am getting the following error. The value for the useBean class attribute PasswordEncryptService is invalid. Can anybody please, help me in resolving this issue? Thanks and Regards, Rekha. Subject: Re: Problem in accessing jsp:useBean From: Mark Thomas Date: Mon, 15 Nov 2010 09:04:37 +0000 To: Tomcat Users List To: Tomcat Users List On 15/11/2010 07:10, Rekha Ravi Pai wrote: Hi, I have installed tomcat-6.0.20 and postgresql-9.0.1 I have created a java bean PasswordEncryptService.java I have kept it in WEB-INF/classes/beans directory and in beans package. I compiled the java file and successfully ran the class and could enter a data in a table in pgsql database. I have created a jsp file under webapps/apps/InfoMgmt/secure directory. In this jsp file I imported the PasswordEncryptService class and used the bean under the tag jsp:useBean. But I am getting the following error. The value for the useBean class attribute PasswordEncryptService is invalid. Can anybody please, help me in resolving this issue? Not without you showing us the source for the simplest JSP and bean that recreates this issue. Mark PasswordEncryptService.java file I am giving below. I have placed this in the path /usr/local/apache-tomcat-6.0.20/webapps/apps/WEB-INF/classes/beans /// class to verify the password package beans; import java.security.NoSuchAlgorithmException; import java.io.*; //UnsupportedEncodingException; import java.security.MessageDigest; import org.apache.commons.codec.binary.Base64; import java.security.DigestOutputStream; import java.sql.*; public class PasswordEncryptService implements Serializable { private static final long serialVersionUID = 7526472295622776147L; Connection con; Statement stm ; ResultSet rs = null; public PasswordEncryptService (){ try{ Class.forName("org.postgresql.Driver"); con = DriverManager.getConnection("jdbc:postgresql:employee_release","postgres", ""); stm = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE); } catch (SQLException sqle ){ sqle.printStackTrace(); } catch (ClassNotFoundException cnfe ) { cnfe.printStackTrace(); } } private String getEncryptedString (String rawString ) throws Exception { /// encrypt the raw String using SHA algorithm String encryptedString = ""; byte[] encoded = Base64.encodeBase64(rawString.getBytes()); encryptedString = new String(encoded); return encryptedString; } public void writeNewPasswd(String username,String passwd)throws Exception { ///writing new password in case the password is forgotten String encryptedPasswd = ""; try{ encryptedPasswd = getEncryptedString(passwd); } catch(Exception e){ e.toString(); //System.out.println(e.toString()); } String query = "insert into passwd_tbl values(\'"+username; query += "\',\'"+encryptedPasswd+"\')"; try{ int a = stm.executeUpdate(query); }catch(SQLException e){ System.out.println(e.toString()); } } public void changePasswd(String username,String passwd,String newPwd)throws Exception { /// reading all username/passwd in a vector deleting the perticular user and writing back the vector String encryptedPasswd = ""; String encryptedNewPwd = ""; String readPasswd = ""; try{ encryptedPasswd = getEncryptedString(passwd); encryptedNewPwd = getEncryptedString(newPwd); } catch(Exception e){ e.toString(); //System.out.println(e.toString()); } String query = "select * from passwd_tbl where "; query += "username=\'"+username+"\'"; try{ rs = stm.executeQuery(query); }catch(SQLException e){ System.out.println(e.toString()); } if(rs.next()){ readPasswd = rs.getString("password"); } if(encryptedPasswd.equals(readPasswd)){ String updateQuery = "update passwd_tbl set password="; updateQuery += "\'"+encryptedNewPwd+"\' where "; updateQuery += "username=\'"+username+"\'"; try{ int a = stm.executeUpdate(updateQuery); }catch(SQLException e){ System.out.println(e.toString()); } } } private String readPassword (String username) throws Exception { // String passwordFromFile = ""; boolean isFound = false; int data; String readUsername = "", readPasswd = ""; String query = "select password from passwd_tbl where "; query += "username=\'"+username+"\'"; try{ rs = stm.executeQuery(query); }catch(SQLException e){ System.out.println(e.toString()); } if(rs.next()){ readPasswd = rs.getString("password"); isFound = true; }else{ throw new NullPointerException (" Username not found "); } return readPasswd; } /// Check if the suplied password is correct for the given username public boolean isPasswordCorrect (String username, String passwd) throws Exception { String passwordFromFile = ""; String encryptedPassword = ""; try { passwordFromFile = readPassword (username); } catch (Exception e) { throw new Exception ("Error reading password for the user (" + username + ") : " + e.getMessage()); } try { encryptedPassword = getEncryptedString (passwd) ; } catch (Exception e ) { throw new Exception ("Error encrypting the password : " + e.getMessage()); } return passwordFromFile.equals (encryptedPassword); } private boolean isDuplicateUsername (String username) throws Exception { boolean isDuplicate = false; String query = "select * from passwd_tbl where "; query += "username=\'"+username+"\'"; try{ rs = stm.executeQuery(query); }catch(SQLException e){ System.out.println(e.toString()); } if(rs.next()){ isDuplicate = true; } return isDuplicate; } public void writeUsernamePassword (String username, String password) throws Exception { /// Write the username:password for a new user into the passwdFile. String encryptedPassword ; String loginString; byte [] byteArray ; // RandomAccessFile raFile = new RandomAccessFile(passwdFile,"rw");; try { encryptedPassword = getEncryptedString (password); System.out.println(encryptedPassword); } catch (Exception e) { throw new Exception ("Could not write username:password for the user " + username + " " + e.getMessage()); } if (isDuplicateUsername (username)) { throw new Exception ("Duplication Error : the user already exists "); } else { String query = "insert into passwd_tbl values(\'"+username; query += "\',\'"+encryptedPassword+"\')"; try { int a = stm.executeUpdate(query); }catch(SQLException e){ System.out.println(e.toString()); } } } /* public static void main (String [] args) throws Exception { PasswordEncryptService verify = new PasswordEncryptService (); // System.out.println ("path : " + verify.getFilePath ()); if (args.length != 2) { System.out.println ("Usage : java VerifyPasswd "); System.exit (1); } String username = args[0]; String password = args [1]; // String newPwd = args[2]; // verify.changePasswd(username,password,newPwd); verify.writeUsernamePassword (username, password); // System.out.println(verify.getEncryptedString(password)); boolean isCorrect = verify.isPasswordCorrect (username, password); if (isCorrect) System.out.println ("Access Granted"); else System.out.println ("Access Denied "); } */ } _______________________________________________________________________________ This file compiles and runs (when run using java PasswordEncryptService abc xyz) as expected. My jsp file VerifyPassword.jsp that uses this bean is given below. This file is placed in the directory /usr/local/apache-tomcat-6.0.20/webapps/apps/InfoMgmt/secureNew Creating the New User Account <%@ page import = "beans.*, java.sql.*"%> <% error.initialise (); error.setUrl ("secureNew/VerifyPassword.jsp"); %> <%! Statement stmt; Connection con=null; ResultSet rs; String login, passwd,empNum; String email; public void jspDestroy(){ con = null; } %> <% empNum = null; login = request.getParameter ("login"); email = login+"@softjin.com"; passwd = request.getParameter("passwd"); boolean isCorrect = false; boolean canAccess = false; // isCorrect = true; String referer = request.getHeader("referer"); out.println(referer); try { System.out.println(login); isCorrect = verify.isPasswordCorrect(login, passwd); } catch (Exception e) { error.setMessage ("Could not log-in : " + e.getMessage ()); %> <% } String query = "select empid from employee_details where loginid = \'" + email + "\'"; if (isCorrect && (!login.startsWith("librar"))&&(!login.equals("sysadmin")) && (!login.equals("hrmgr")) && (!login.equals("finance")) && (!login.equals("admin"))){ con = cctry.getConnection (); try { stmt = con.createStatement (ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE); rs = stmt.executeQuery (query); if (rs.next ()) { /// If a user exists // session.removeAttribute("empid"); session.setAttribute ("empid" , rs.getString ("empid")) ; } else { throw new Exception (" Could not get empid for " + login + "" ); } } catch (Exception e ) { // con.close(); // stmt.close(); error.setMessage ("Error occurred while obtaining empid : " + e.getMessage ()); %> <% } /// Clean up finally { try { rs.close (); stmt.close (); con.close (); }catch (Exception e) { rs = null; con = null; stmt = null; } } session.removeAttribute("email"); session.setAttribute("email",email); session.removeAttribute("user"); session.setAttribute("user",login); canAccess = true; } if(isCorrect && (login.startsWith("librar")||login.equals("sysadmin")||login.equals("hrmgr")||login.equals("finance")||login.equals("admin"))){ session.removeAttribute("email"); session.setAttribute("email",email); session.removeAttribute("user"); session.setAttribute("user",login); canAccess = true; } if(canAccess){ out.print(login); if(isCorrect){ out.print("true"); }else{ out.print("false"); } if(login.equals("admin")){ %> <% }else if(login.startsWith("librar")||login.equals("sysadmin")||login.equals("hrmgr")||login.equals("finance")){ %> <% }else{ String empId = (String)session.getAttribute("empid"); if(referer.endsWith("secureNew/index.jsp")||referer.endsWith("secureNew/index_intab.jsp")||referer.endsWith("secureNew/CreateNewUser.jsp")){ %> <% } } } else{ error.setMessage ("Could not log-in : wrong username/password" ); %> <% } %> Regards, Rekha. Business Disclaimer ____________________________________________________________ This e-mail message and any files transmitted with it are intended solely for the use of the individual or entity to which they are addressed. It may contain confidential, proprietary or legally privileged information. If you are not the intended recipient please be advised that you have received this message in error and any use is strictly prohibited. Please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender by return mail. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. ___________________________________________________________ --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org