I'm trying to authenticate users using Memberful from a Spring-Boot application. Per the Memberful documentation, the process is as follows:
User logs in at the memberful URL (https://YOURSITE.memberful.com/oauth?client_id=APPLICATION_IDENTIFIER&response_type=code)
User is redirected to my front end (Vue) with a code in the URL provided by Memberful.
The code is passed to my back end server.
Back end server sends a post request using RestTemplate.postForObject(...) from Spring to https://YOURSITE.memberful.com/oauth/token with all required parameters (See snippet below).
At this point an access token payload is expected, but instead a 403 Error is returned.
Here's the full method:
import org.springframework.http.*;
import org.springframework.util.MultiValueMap;
...
private JSONObject getMemberfulAccessToken(String strCode){
String strTargetURL = "https://" + memberfulSubDomain + ".memberful.com/oauth/token";
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>();
parameters.add("client_id", memberfulApplicationIdentifier);
parameters.add("client_secret", memberfulClientSecret);
parameters.add("grant_type", "authorization_code");
parameters.add("code", strCode);
HttpEntity<MultiValueMap<String, String>> entity = new HttpEntity<>(parameters, headers);
String strAccessToken = restTemplate.postForObject(strTargetURL, entity, String.class);
return new JSONObject(strAccessToken);
}
And here's the response:
<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<title>Access denied | [My Site].memberful.com used Cloudflare to restrict access</title>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1" />
<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" type="text/css" media="screen,projection" />
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" type="text/css" media="screen,projection" /><![endif]-->
<style type="text/css">body{margin:0;padding:0}</style>
<!--[if gte IE 10]><!--><script type="text/javascript" src="/cdn-cgi/scripts/zepto.min.js"></script><!--<![endif]-->
<!--[if gte IE 10]><!--><script type="text/javascript" src="/cdn-cgi/scripts/cf.common.js"></script><!--<![endif]-->
</head>
<body>
<div id="cf-wrapper">
<div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert" data-translate="enable_cookies">Please enable cookies.</div>
<div id="cf-error-details" class="cf-error-details-wrapper">
<div class="cf-wrapper cf-header cf-error-overview">
<h1>
<span class="cf-error-type" data-translate="error">Error</span>
<span class="cf-error-code">1010</span>
<small class="heading-ray-id">Ray ID: 515be6c26b80c514 • 2019-09-13 17:39:35 UTC</small>
</h1>
<h2 class="cf-subheadline">Access denied</h2>
</div><!-- /.header -->
<section></section><!-- spacer -->
<div class="cf-section cf-wrapper">
<div class="cf-columns two">
<div class="cf-column">
<h2 data-translate="what_happened">What happened?</h2>
<p>The owner of this website ([My Site].memberful.com) has banned your access based on your browser's signature (515be6c26b80c514-ua21).</p>
</div>
</div>
</div><!-- /.section -->
<div class="cf-error-footer cf-wrapper">
<p>
<span class="cf-footer-item">Cloudflare Ray ID: <strong>515be6c26b80c514</strong></span>
<span class="cf-footer-separator">•</span>
<span class="cf-footer-item"><span>Your IP</span>: 207.200.220.146</span>
<span class="cf-footer-separator">•</span>
<span class="cf-footer-item"><span>Performance & security by</span> Cloudflare</span>
</p>
</div><!-- /.error-footer -->
</div><!-- /#cf-error-details -->
</div><!-- /#cf-wrapper -->
<script type="text/javascript">
window._cf_translation = {};
</script>
</body>
</html>
The fix: Add the JVM option -Dhttp.agent="[Anything you want as the user agent prefix]"
The issue: Cloudflare's Web Application Firewall prevents requests with the User-Agent header Java/1.8.0_172 from being received by Memberful.
Cloudflare's documentation indicates that if you get a 403 response that is not Cloudflare branded, it's the client's (in my case Memberful's) server that's returning the response. That being said, I'm not sure if the response I received in response to a POST request could be considered "Cloudflare branded", but at the time I'm writing this Memberful has told me they haven't applied any custom settings for their environment.
Of course there are other ways to set the User-Agent header value, but this is what I did.
This issue is caused by the browser integrity check, which will run even if the WAF is off. Turn off the browser integrity check with a page rule or globally to avoid this issue.
https://support.cloudflare.com/hc/en-us/articles/200170086-Understanding-the-Cloudflare-Browser-Integrity-Check#:~:text=BIC%20is%20enabled%20by%20default,BIC%20for%20your%20API%20traffic.
Related
When i'm trying to access the api, i'm getting the following error message:
{
"errorCode": "PARTNER_AUTHENTICATION_FAILED",
"message": "The specified Integrator Key was not found or is disabled. An Integrator key was not specified."
}
I'm using the access token that returns from this URL: https://account-d.docusign.com/oauth/token, but the url address that the documentation asks to request the list of signed envelopes is this: https://demo.docusign.net/restapi/v2.1/accounts/bf672cac-****-****-****-757e9b8ebfb3/envelopes.
If I change the beginning of the end-point domain to https://account-d.docusign.com/ I get the status 200 and an HTML, which doesn't say much about the error, follows the html:
<!doctype html>
<html ng-app="LoginAppNext.App" lang="en" class="account-server">
<head>
<meta charset="utf-8">
<meta name="viewport" content="initial-scale=1.0">
<meta name="description" meta-description>
<title>DocuSign</title>
<link href="https://docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/favicon.ico" rel="shortcut icon"
type="image/x-icon">
<base href="/">
<link rel="canonical" href="https://account-d.docusign.com/" />
<link href="/LoginAppNext/styles/olive/and/app?v=7_dKAUfFq_HQdBnGB4k7hYZKoOae-bgnT30ORlEXHEk1" rel="stylesheet" />
<!-- 21.1.2.19210 DA2DFE5 ac4fea07-f999-49e8-b450-a9bd5aa45430 -->
<!-- PAGE-TITLE DIRECTIVE MUST BE LAST INSIDE THE HEAD TAG -->
<page-title></page-title>
</head>
<body class="site-content">
<form name="fixtureForm">
<input id="fixtureInput" value="illegible value that is returned in the request">
</form>
<div ui-view></div>
<!--[if (!IE)|(gt IE 8)]><!-->
<script src="/LoginAppNext/core_via_npm?v=HmqVrseATw9A8eLx4-PxjAKYi3QSWgFzyC0R2L_sc9Q1"></script>
<!--<![endif]-->
<!--[if lte IE 8]>
<link href="/LoginAppNext/styles/legacy?v=4PA642FFntoeJCbU9Xo8MtjFl47UpOhb1wGcStBQ1UU1" rel="stylesheet"/>
<script src="/LoginAppNext/core_via_npm/legacy?v=k4d0Yt_N4blS8S0QrMQ8yybLJtbXex6uQ8SkokHHi_41"></script>
<style type="text/css">
/*
Older browsers (IE8) may interpret the new tags as having an empty XML namespace
when Angular attempts to generate them, so we need to deal with the default styling of those elements, too.
*/
\:article,
\:aside,
\:details,
\:figcaption,
\:figure,
\:footer,
\:header,
\:hgroup,
\:main,
\:nav,
\:section,
\:summary {
display: block; }
</style>
<![endif]-->
<script src="/LoginAppNext/templates?v=daF9DMXq4GIP_dsEt7fCPBYMN-A6Xk9bMZC4suEj0r01"></script>
<script src="/Scripts/app?v=lfm-G_adZ-QhT3MeHhQWFFV_fQ6ENsg6BV4q01boB6M1"></script>
</body>
</html>
Its likely that you are not passing the Authorization header in your request. In your postman request please add this in the "headers" tab just under where you enter the resource uri, in the format of Key:Authorization Value: Bearer {AccessToken}
Please have a look at our postman collection that you can easily import to see how this works: https://github.com/docusign/postman-collections
Hey I'm writing a java application which should be able to connect the user to their facebook accounts. The application than should be able to post on their Facebook pages.
For now my workflow works quite good. But my java app is hostet by my customers. So I have no specified redirect url available. Because everey customer use a different Domain name.
There is the posibility to redirect to https://www.facebook.com/connect/login_success.html as described here https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/.
For now my JSP File looks like:
<%# page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<%
FBGraph fbConnection = new FBGraph();
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Java Facebook Login</title>
<link rel="stylesheet"
href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css"
integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh"
crossorigin="anonymous">
<script src="https://kit.fontawesome.com/30c4960fcc.js"
crossorigin="anonymous"></script>
</head>
<body style="text-align: center; margin: 0 auto;">
<div class="container">
<div class="row">
<div class="col-md-auto">
<div class="jumbotron">
<h1 class="display-4">Welcome to Hforms Social Login</h1>
<p class="lead">Use this page to login into Facebook to use
your Hforms Installtion with your Facebook Pages</p>
<hr class="my-4">
<a class="btn btn-primary btn-lg"
href="<%=fbConnection.getFBAuthUrl()%>" role="button" onclick="<%= fbConnection.onLinkClick()%>"> <i
class="fab fa-facebook"></i> <span>Login into Facebook</span></a>
</div>
</div>
</div>
</div>
</body>
</html>
getFBAuthUrl() for now returns https://www.facebook.com/v6.0/dialog/oauth?client_id=[mySecretID]&redirect_uri=https%3A%2F%2Fwww.facebook.com%2Fconnect%2Flogin_success.html&state=wdadwadawdwad&scope=manage_pages,publish_pages,pages_show_list
When klicking the Link I'm redirected to facbook and have to allow access to my app. When klicking OK there I'm redirected to the facebook success page where the URL is containing the key. But I have no idea how to get the key.
Maybe someone could give me a hint on that.
Thanks in advance
Previously I have worked just with JSP and Apache Tiles and now I'm trying to create Thymeleaf template for the first time. The problem I faced is that I have no idea how to insert custom header, footer and other sections into default.html. Here is the code example.
default.html:
<!DOCTYPE html>
<html lang="en"
xmlns:th="http://www.thymeleaf.org"
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout">
<head>
<meta charset="UTF-8"/>
<title>Default template</title>
<link rel="stylesheet" type="text/css" href="../static/css/app.css" th:href="#{/css/app.css}"/>
<link rel="stylesheet" type="text/css" href="../static/css/bootstrap.css" th:href="#{/css/bootstrap.css}"/>
<link rel="stylesheet" type="text/css" href="../static/css/myCss.css" th:href="#{/css/myCss.css}"/>
</head>
<body>
<header id="header" layout:fragment="header">
HEADER
</header>
<section id="sidemenu" layout:fragment="sideMenu">
SIDE_MENU
</section>
<section id="site-content" layout:fragment="siteContent"></section>
<footer id="footer" layout:fragment="footerTemplate"></footer>
</body>
</html>
In default.html I have 'siteContent' which is provided for inserting all of application's html files, and 'header', 'sideMenu' and 'footer' sections that have to be implemented in separate corresponding html files (templates) and inserted into default.html.
index.html:
<!DOCTYPE html>
<html lang="en"
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
layout:decorator="default">
<head>
<title>Index</title>
</head>
<body>
<div layout:fragment="siteContent">
<h1>Hello world!</h1>
</div>
</body>
</html>
footer.html:
<!DOCTYPE html>
<html lang="en"
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
layout:decorate="~{default}">
<head>
<title>Footer Template</title>
</head>
<body>
<div layout:fragment="footer">
Copyright © 2017
</div>
</body>
</html>
This is an example of footer.
SiteContent area works fine. Footer's 'Copyright © 2017' is supposed to be imported into default.html's footer area, but it doesn't.
The solution is found: I should have used
'footer id="footer" layout:include="footerTemplate"'
instead of
'footer id="footer" layout:fragment="footerTemplate"'
By the way, the examples, listed on thymeleaf's website never worked, but the correct decision wasn't there.
I've tried everything to select this facebook button, by css, by partial link, by xpath. Can someone show me the syntax? HTML Code is below, the element is highlighted in blue.
This is the html for facebook Iframe login
<html>
<head>
<style type="text/css">
<title>My Photo Tab</title>
<base href="/">
<script src="https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en.U-RewQuh4JY.O/m=signin_annotation/exm=client,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNj6EO7Q-0o28iG5EwDca54BMQrpw/t=zcms/cb=gapi.loaded_2" async="">
<script src="https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en.U-RewQuh4JY.O/m=plusone/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNj6EO7Q-0o28iG5EwDca54BMQrpw/t=zcms/cb=gapi.loaded_1" async="">
<script type="text/javascript" async="" src="//assets.pinterest.com/js/pinit_main.js">
<script id="adblade-sdk" src="http://web.adblade.com/js/ads/async/show.js">
<script id="facebook-jssdk" src="//connect.facebook.net/en_US/sdk.js">
<script id="google-platform-js" src="http://apis.google.com/js/platform.js" gapi_processed="true">
<script id="twitter-wjs" src="http://platform.twitter.com/widgets.js">
<script async="" src="//www.google-analytics.com/analytics.js">
<script src="https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en.U-RewQuh4JY.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNj6EO7Q-0o28iG5EwDca54BMQrpw/t=zcms/cb=gapi.loaded_0" async="">
<script>
<link rel="stylesheet" href="assets/css/bootstrap.min.css?gb=0.0.3">
<link rel="stylesheet" href="assets/css/jquery.simplecolorpicker.css?gb=0.0.3">
<link rel="stylesheet" href="assets/css/style.css?gb=0.0.3">
<link rel="stylesheet" href="assets/css/shared.css?gb=0.0.3">
<link rel="stylesheet" href="assets/css/home.index.css?gb=0.0.3">
<link rel="stylesheet" href="assets/css/home.modals.css?gb=0.0.3">
<link rel="stylesheet" href="assets/css/languageSize.css?gb=0.0.3">
<link rel="stylesheet" href="assets/css/chosen/chosen.min.css?gb=0.0.3">
<link rel="stylesheet" href="assets/css/lp2.css?gb=0.0.3">
<meta content="http://myphototab.com" property="og:url">
<meta content="Your social photos on your new tab page!" property="og:title">
<meta content="http://cdn.myphototab.com/content/images/social.jpg" property="og:image">
<meta content="My Photo Tab" property="og:site_name">
<meta content="Turn your browser's boring new tab page into your personalized photo gallery!" property="og:description">
<meta content="summary_large_image" name="twitter:card">
<meta content="MyPhotoTab" name="twitter:site">
<meta content="MyPhotoTab" name="twitter:creator">
<meta content="Your social photos on your new tab page!" name="twitter:title">
<meta content="Turn your browser's boring new tab page into your personalized photo gallery!" name="twitter:description">
<meta content="http://cdn.myphototab.com/content/images/social.jpg" name="twitter:image:src">
<link type="text/css" rel="stylesheet" href="http://staticd.cdn.adblade.com/css/zones/zone1101.css">
<style type="text/css">
<script type="text/javascript" async="" src="http://edge.quantserve.com/quant.js">
<script type="text/javascript" async="" src="http://b.scorecardresearch.com/beacon.js?c1=8&c2=6864322&c3=&c4=&c5=&c6=&c10=&c15=">
<link type="text/css" rel="stylesheet" href="http://staticd.cdn.adblade.com/css/zones/zone1101.css">
<style type="text/css">
<script type="text/javascript" async="" src="http://edge.quantserve.com/quant.js">
<script type="text/javascript" async="" src="http://b.scorecardresearch.com/beacon.js?c1=8&c2=6864322&c3=&c4=&c5=&c6=&c10=&c15=">
<style type="text/css">
<style type="text/css">
</head>
<body class="isFF isWindows loggedout page-loaded modal-open Large en" style="background-image: none; background-color: rgb(192, 192, 192); overflow-y: auto;" data-twttr-rendered="true">
<input id="IsFromExtension" type="hidden" value="true">
<div class="pageWrapper" ng-view="">
<section id="homeView">
<div class="container body-content" style="">
<div id="myModal" class="modal fade in" data-backdrop="static" data-keyboard="false" aria-hidden="false" aria-labelledby="myModalLabel" role="dialog" tabindex="-1" style="display: block; visibility: visible;">
<div onload="showModal()" ng-include="partialUrl.Base">
<div id="modalWelcome" class="modal-dialog" style="display: block;">
<div class="modal-content gray-border">
<button class="close" ng-click="welcomeClose({trackingData: ['2', 'index-welcome', 'welcome-popup-close', '']})" data-dismiss="modal" type="button">
<div class="modal-body" style="">
<div class="modal-body-inner">
<div class="language">
<div class="title center langDir" style="direction: ltr;">
<div class="subtitle2 center langDir" translate="" style="direction: ltr;">My Photo Tab allows you to see your social and other photos on your browser's new tab page - FREE!</div>
<div class="socialButtons">
<div class="socialButtonsInner">
<div class="fblogin">
<fblogin>
<div class="fbLoginInner">
<fb:login-button class=" fb_iframe_widget" onlogin="FacebookLoginState();" scope="public_profile,email,user_photos,user_friends,publish_actions" size="xlarge" login_text=" Login with Facebook " fb-xfbml-state="rendered" fb-iframe-plugin-query="app_id=860682337328409&container_width=147&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20Login%20with%20Facebook%0A%20%20%20%20&scope=public_profile%2Cemail%2Cuser_photos%2Cuser_friends%2Cpublish_actions&sdk=joey&size=xlarge">
<span style="vertical-align: bottom; width: 290px; height: 39px;">
<iframe class="" width="1000px" height="1000px" frameborder="0" name="f138e5757ce176" allowtransparency="true" scrolling="no" title="fb:login_button Facebook Social Plugin" style="border: medium none; visibility: visible; width: 290px; height: 39px;" src="http://www.facebook.com/v2.1/plugins/login_button.php?app_id=860682337328409&channel=http%3A%2F%2Fstatic.ak.facebook.com%2Fconnect%2Fxd_arbiter%2F6Dg4oLkBbYq.js%3Fversion%3D41%23cb%3Df135579120b2446%26domain%3Dmyphototab.com%26origin%3Dhttp%253A%252F%252Fmyphototab.com%252Ff21d55794e16b1c%26relation%3Dparent.parent&container_width=147&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20Login%20with%20Facebook%0A%20%20%20%20&scope=public_profile%2Cemail%2Cuser_photos%2Cuser_friends%2Cpublish_actions&sdk=joey&size=xlarge">
<!DOCTYPE html>
<html id="facebook" class="" lang="en">
<head>
<body class="plugin gecko win x1 Locale_en_US" dir="ltr">
<div class="_li">
<div class="pluginSkinLight pluginFontHelvetica">
<div id="u_0_0" class="pluginLoginButton pluginLoginButtonXlarge" style="width: 300px;">
<div>
<div id="u_0_1" class="_4z_b _4z_8 _4z_c" tabindex="0" role="button">
<table class="uiGrid _51mz" cellspacing="0" cellpadding="0">
<tbody>
<tr class="_51mx">
<td class="_51m-">
<td class="_51m- _51mw">
<span class="_4z_9">
<span class="_4z_f fwb">Login with Facebook</span>
First switch to the iframe using: (As Saifur told name seems to be dynamic hence identifying element based on title)
driver.switchTo().frame(driver.findElement(By.xpath("//iframe[contains(#title,'Facebook Social Plugin')]")));
then click on the span as
new WebDriverWait(driver, 10).until(ExpectedConditions.presenceOfElementLocated(By.xpath("//span[contains(.,'Login with Facebook')]"))).click();
That's no button, that's a span.
Try: //span[text()='Login with Facebook']
Try xpath text based search
//span[contains(text(),'Login with Facebook')]
However, depending on the element load time you may need to add some explicit wait as well.
By xpath = By.xpath("//span[contains(text(),'Login with Facebook')]");
WebElement myDynamicElement = (new WebDriverWait(driver, 10))
.until(ExpectedConditions.presenceOfElementLocated(xpath));
myDynamicElement.click();
Edit
Just saw that page contains iframe. So, you need to use switchTo() to set focus into iframe before start looking for the element. See the API doc
//Looks like the name of ifame is also dynamic
//driver.switchTo().frame("fbf1ab674");
//assuming that's the only iframe on
driver.switchTo().frame(driver.findElement(By.cssSelector('iframe')));
driver.findElement(By.xpath("//span[contains(text(),'Login with Facebook')]")).click();
//switch back to default content when done working inside iframe
driver.switchTo().defaultContent();
I suspect for the same reason linkText and cssSelector you have used did not work.
Also, please try to post html instead of image for future reference which is much easier to read and find possible issues.
With Firefox (firebug) and Chrome (chromebug), u can copy the xpath of each selected item. Very useful when developing with Selenium!
Check out this wikihow page and u will like it!
http://m.wikihow.com/Find-XPath-Using-Firebug
Meanwhile it should also be available in Firefox inspector.
I want to validate the JSP in the JSP itself but it is givin me a nullpointer Exception..My code is given below...
<!DOCTYPE html>
<!--[if lt IE 7]> <html class="lt-ie9 lt-ie8 lt-ie7" lang="en"> <![endif]-->
<!--[if IE 7]> <html class="lt-ie9 lt-ie8" lang="en"> <![endif]-->
<!--[if IE 8]> <html class="lt-ie9" lang="en"> <![endif]-->
<!--[if gt IE 8]><!--> <html lang="en"> <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Login Form</title>
<link rel="stylesheet" href="admincss/style.css">
<!--[if lt IE 9]><script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script><![endif]-->
</head>
<body>
<%
String username=request.getParameter("txt_username");
String password=request.getParameter("txt_password");
if(username.equals("k") && password.equals("k"))
{
response.sendRedirect("Admin");
}
%>
<section class="container">
<div class="login">
<h1>Login to Web App</h1>
<form method="post" action="admin.jsp">
<p><input type="text" name="txt_username" value="" placeholder="Username or Email"></p>
<p><input type="password" name="txt_password" value="" placeholder="Password"></p>
<p class="remember_me">
<label>
<input type="checkbox" name="remember_me" id="remember_me">
Remember me on this computer
</label>
</p>
<p class="submit"><input type="submit" name="btn_commit" value="Login"></p>
</form>
</div>
<div class="login-help">
<p>Forgot your password? Click here to reset it.</p>
</div>
</section>
<section class="about">
<p class="about-links">
View Article
Download
</p>
<p class="about-author">
© 2012–2013 Thibaut Courouble -
MIT License<br>
Original PSD by Orman Clark
</section>
</body>
</html>
I don't understand the error.....If this is not the right method please suggest me the right one
NullPointerException generally means you tried to call a method or access a field on a variable doesn't refer to any object. The only variables you're using in this file, aside from the predefined request and response, are username and password.
The request.getParameter method returns null if the request doesn't have a parameter with the specified name. So if your request doesn't include a txt_username and/or txt_password parameter, the username and/or password variable will be null.
On the line below, when you call username.equals and password.equals, you'll get the exception if those variables are null. You can't call the method if there's no object to call it on.
You need to add some code to handle the case where username or password are null.