i have a requirement that only one user will be allowed to log in using one login id and password that means not two users will be allowed to login using the same username and id.so i thought to make a field in my Db to store the ipaddress.Suppose A has logged in then his ip address will be stored in Db and now if B wants to login then he will get alert that this user has already logged in and the ip address is A's ipaddress.and for that purpose i am using
<%# page import="java.net.*" %>
<%# page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<%
out.println("remote address "+request.getRemoteAddr());
out.println("remote host "+request.getRemoteHost());
out.println("remote port "+request.getRemotePort());
out.println("remote user "+request.getRemoteUser());
//out.println(InetAddress.getLocalHost().getHostAddress());
out.println(request.getRemoteAddr());
//out.println(InetAddress.getLocalHost().getHostAddress().toString());
%>
</body>
</html>
but i am not getting the exact ipaddress.please tell me how to get the ipaddress.if you think this way of storing ipadddress in Db and alerting to duplicate user is not wise then yours suggestions are also welcome
remote address 0:0:0:0:0:0:0:1 remote host 0:0:0:0:0:0:0:1 remote port 38059 remote user null 0:0:0:0:0:0:0:1
For some reason, request.getRemoteAddr() did not work for you. It is quite impossible to say why without knowing the company's network you are working in.
However, you do not even need the IP-address for that. Just keep a flag if the user is currently logged in:
User | logged in?
-----+------------
A | Yes
B | No
C | No
Now, if a user tries to login, check if he/she is already logged in. If so, display an error message and avoid login.
You need to reset this flag
When the user logs out (clicking the "logout" button)
After the session times out (you can use a HttpSessionListener for that), in case that the user did not click "logout". Note: If you have a high session timeout (like 30 minutes), and the user forgets to click "logout", he/she will not be able to login for the rest of the session.
After the application is redeployed, if all sessions are destroyed then.
Related
How about community, this error happened to me today and I would like to know if some of you ever happened to you and how to solve it. I am creating an application with servlets in java that the functionality is to have a button, where by clicking it sends me a json with 50 records through the URL so that I can generate an excel. Now, all good when it comes to 10 records, no problem happens, when you have more than 20 records in that json or so, that's where the error happens to me. Investigating I found that the error happens because the header I am sending is too long. Here is an example of what the header I'm sending is:
Url: localhost:8080/pruebas/vistas/excel/Reporte_Insertados.jsp?registros=[{"CODPER":"123456","NRO":"1","DNI":"45874587","APELLIDOS_NOMBRES":"ROJAS%20LOPEZ%20GUSTAVO","FECHA":"14/01/2020","MONTO":"150.50","OBSERVACION":"DADSADSA","RAZON_SOCIAL":"","ESTADO":"DATOS%20CORRECTOS","":""}...] so until you have 50 records.
So my question is: If any of you solve it or how could I do it from my servlet to allow the header to be long, since it is the problem for which it does not leave me and the error happens to me.
I leave code of my application. Thank you in advance community.
My Javascript code:
function exportarReporteInsertados(registrosInsertados){
let tabla_reporte_insertados = $("#tablaCargaMasiva").tableToJSON({});//Here grab all 50 records.
window.location = "excel/Reporte_Insertados.jsp?registros="+JSON.stringify(tabla_reporte_insertados)
}
My jsp code to receive the data
<%#page import="org.json.JSONObject"%>
<%#page import="java.text.SimpleDateFormat"%>
<%#page import="java.text.DateFormat"%>
<%#page import="java.util.Date"%>
<%#page import="org.json.JSONArray"%>
<%#page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<%
String datos = request.getParameter("registros");
JSONArray jsonArray_datos = new JSONArray(datos);
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>JSP Page</title>
</head>
<body>
<%
response.setContentType("application/vnd.ms-excel");
response.setHeader("Content-Disposition", "attachment; filename=REPORTE_CARGA_MASIVA.xls");
%>
ERROR
enter image description here
#Felipo If you need to send a json, kindly refrain from adding it to the url. The url string has a character limit.Please look at : What is apache's maximum url length? . Also, according to convention in order to send a json via the request you need to add it to the request body instead of the url. Use an ajax request to send the data to the endpoint instead of passing it via the url.
I am trying to just set up a very basic jsp file that takes in a query from a url and displays it. I have the following test.jsp file that I run on the server:
<%# page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Test jsp</title>
</head>
<body>
<% String firstName = (String) request.getAttribute("firstName");
out.println("Hello :" + firstName);%>
</body>
</html>
However, when I type in the following URL, I still get a "null" result (even after refreshing): see Picture.
Note: my ultimate goal is to do have an event at some point that sends a POST request from a java file and display its result in the jsp page. If I understood well from my research, I would have to do it via a Servlet with a DispacherRequest forwarding method. But I first want to understand why the simple aforementioned code isnt working).
Thank you for your help !
You mention that you're trying to display a query parameter from the URL. A query or request parameter is not the same as a request attribute.
To get a query parameter, you would have to use the getParameter() method:
String firstName = request.getParameter("firstName")
I have a problem that's when I connect with two differents users using servlet and JSP , infromations of the first user keeps shown when I connect with any other user even I invalidate session when the connected user logout and I'm using
<meta http-equiv="Cache-Control" content="no-cache" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Expires" content="-1" />
in all JSP pages , any other ideas please ? Thanx
you can copy and paste this code in every page of your site which clears the cached page.
<%response.setHeader("Cache-Control","no-cache");
response.setHeader("Cache-Control","no-store");
response.setHeader("Pragma","no-cache");
response.setDateHeader ("Expires", 0);
if(session.getAttribute("some_token")==null)
response.sendRedirect("login/login.html");
%>
In logout you must be invalidating session so when you click back it would check the some_token attribute value in session and if not there it will redirect you to login page . But remember after login you are setting some_token attribute in session.
Short version-display home page only if session is already created
Details
I have a login.html. It links to validation.jsp. It checks for password and then redirects to the following page.
But I want that this following page to be displayed only when the
validation is true. Otherwise if someone enters the link to the page
and finds that the page has not been logged into, it will prompt to
do it so.
It worked fine in the servlet. I created a new session in validation page
and set request.getSession(false) in the home page.
but this doesnt seem to work in jsp. If I set session=false in the page
directive, then I can not access session object at all. and if I
explicitly do what I have done in the page, it still doesn't work!!
<%# page language="java" import="java.io.*"
contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"
import="java.util.*;"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
<%
session=request.getSession(false);
if(session==null)
{
out.println("please login");
}
else
{
out.println("how did it run!!! ??");
out.println(application.getAttribute("one"));
out.println(session.isNew());
out.println(session.getId());
out.println("<form action='logout.jsp' method='post'>");
out.println("<input type='submit'>");
out.println("</form>");
}
%>
</body>
</html>
You don't use if(session==null) to determine if someone is logged in. Sessions are generally created automatically, and besides, you might want to use a session for something even before login. You check for a specific session attribute.
String userid = (String)session.getAttribute("userid");
if(userid!=null)
{
out.print("logged in as:" + userid);
}
Of course in the login code you have to set it:
session.setAttribute("userid", userid);
There is also no need to call request.getSession in JSP. In a servlet you would need to, but in JSP the session object is already populated with request.getSession for you.
Edit:
When you do the session=false directive then the session object isn't declared so you'll need not just to set it but actually declare it: HttpSession session = request.getSession(false); Then you will get session=null, but its dangerous to rely on this for security, as going to a page where you didn't set session=false will create the session, and your code will then think someone was validly logged in, when they were not. Even if you are certain that you put session=false everywhere, you might miss a spot, or more likely, the next developer after you will not understand you did it this way, and a security disaster is just waiting to happen.
Using session=false is intended for performance boost not security. E.g. you have a faq page that doesn't care about sessions, set session=false so people going to that link doesn't create sessions and waste memory.
A JSP creates a session by default. If you don't need session then use following
<%# page session="false" %>
I could not connect my jsp page with ms access
it says
"java.sql.SQLException: [Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified"
I have created a dsn but still the problem is same..
I searched the net extensively but couldn't rectify....
DriverManager.getConnection("jdbc:odbc:students");
This line is causing exception....
I selected the data source in the DNS still too.... I'm using Access....
Here is everything:
<%#page import="java.sql.PreparedStatement"%>
<%#page import="java.sql.DriverManager"%>
<%#page import="java.sql.Connection"%>
<%#page contentType="text/html" pageEncoding="UTF-8" language="java"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>JSP Page</title>
</head>
<body>
<%
PreparedStatement pstm;
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
//connection object created using DriverManager class
//employee is the name of the database
Connection connect =DriverManager.getConnection("jdbc:odbc:employee");
//creating prepared statement object pstm so that query can be sent to database
pstm=connect.prepareStatement("insert into employee values(?,?,?,?)");
pstm.setString(1,"5");
pstm.setString(2,"parth");
pstm.setString(3,"parth");
pstm.setString(4,"10000");
//execute method to execute the query
pstm.executeUpdate();
out.println("Record Added Successfully");
pstm.close();
connect.close();
%>
</body>
</html>
you can test your datasource config by creating a new empty file (pretty much anywhere, desktop will work fine) with any name you like and changing the extension to .udl
When you change the extension the icon changes. Then double click it and you should see students datasource in the first combo (Use data source name), select it and click Test Connection.
If everything works out up to this point then your datasource is ok, and the problem is with your code, which should be something like this http://www.kodejava.org/examples/151.html