I have a very simple log-in servlet with the following code:
userName = request.getParameter("username");
password = request.getParameter("password");
if ("xxx".equals(userName) && "xxx".equals(password)) {
RequestDispatcher requestDisSecure = request
.getRequestDispatcher("VendorList_Secure.jsp");
requestDisSecure.forward(request, response);
}
if ("xxx".equals(userName) && "xxx".equals(password)) {
RequestDispatcher requestDisSecure = request
.getRequestDispatcher("VendorList_Secure.jsp");
requestDisSecure.forward(request, response);
}
if ("xxx".equals(userName) && "xxx".equals(password)) {
RequestDispatcher requestDisSecure = request
.getRequestDispatcher("VendorList_Secure.jsp");
requestDisSecure.forward(request, response);
}
if ("xxx".equals(userName) && "xxx".equals(password)) {
RequestDispatcher requestDisSecure = request
.getRequestDispatcher("VendorList_Secure.jsp");
requestDisSecure.forward(request, response);
} else {
/**
* Unauthenticated user
*/
RequestDispatcher requestDisUnSecure = request
.getRequestDispatcher("VendorLoginError.jsp");
requestDisUnSecure.forward(request, response);
}
We come to this servlet logic from VendorLogin.jsp that has username & password parameter, if the login is correct it forward fine to the VendorList_Secure.jsp, but if not it will forward to VendorLoginError.jsp, but after inputting a new username & password and hitting the above servlet, i got both username & password parameters as null instead of the new updated values in the servlet!
I tried redirect instead, but i got the same effect
I know i could do much better with how to implement login through securing the resources in web.xml, but i want to know why this simple example doesn’t work
So what i am doing wrong here?
Many thanks
your form elements should match the names given in getParameter.
that is like below