如何在JSP中初始化会话并正确使用它们?
我在Spring MVC应用程序中有以下文件:login.jsp、HomeController.java和DatabaseService.java。当有人在login.jsp中单击登录按钮时,它会将数据(用户名和密码)传输到HomeController.java,然后HomeController.java调用DatabaseService.java并使用一些条件从中获取响应,最后将响应返回到login.jsp。到目前为止,用户名和密码字段无效是可以的。login.jsp中的用户名和密码与存储的用户名和密码匹配时出现问题。 问题是,没有数据存储到会话变量/对象中。我试过几种方法:如何在JSP中初始化会话并正确使用它们?,jsp,spring-mvc,Jsp,Spring Mvc,我在Spring MVC应用程序中有以下文件:login.jsp、HomeController.java和DatabaseService.java。当有人在login.jsp中单击登录按钮时,它会将数据(用户名和密码)传输到HomeController.java,然后HomeController.java调用DatabaseService.java并使用一些条件从中获取响应,最后将响应返回到login.jsp。到目前为止,用户名和密码字段无效是可以的。login.jsp中的用户名和密码与存储的用
public String dblogin(String username, String password) throws SQLException {
String response = "";
Connection conn = null;
Statement stmt = null;
ResultSet rs;
String pass = "", fname = "", lname = "";
int userid = 0;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/bloodspring", "root", "");
stmt = conn.createStatement();
try {
String query = "SELECT user_id, user_fname, user_lname, pword FROM bld_user WHERE uname='"+ username +"'";
rs = stmt.executeQuery(query);
int res = 0;
while( rs.next() ) {
res++;
pass = rs.getString("pword");
fname = rs.getString("user_fname");
lname = rs.getString("user_lname");
userid = rs.getInt("user_id");
}
if( res == 0 ) {
response = "Invalid Username";
} else {
//String new_pass = crypt.encryption(password);
if( crypt.encryption(password).compareTo(pass) != 0 ) {
response = "Invalid username and/or password";
//response = "Original :" + pass + " :::: new : " + crypt.encryption(password);
} else {
HttpServletRequest request;
HttpSession session = request.getSession();
session.setAttribute("fname", fname);
session.setAttribute("lname", lname);
session.setAttribute("username", username);
session.setAttribute("userid", userid);
response = "Login Successful";
}
}
} catch( SQLException Ex) {
Ex.printStackTrace();
response = "Sorry something goes wrong with your MySQL query or server";
}
} catch( ClassNotFoundException E) {
E.printStackTrace();
response = "Sorry no MySQL class found";
}
return response;
}
但它显示了一些与空指针异常相关的错误。显示更改代码,如下所示:
public String dblogin(String username, String password) throws SQLException {
String response = "";
Connection conn = null;
Statement stmt = null;
ResultSet rs;
String pass = "", fname = "", lname = "";
int userid = 0;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/bloodspring", "root", "");
stmt = conn.createStatement();
try {
String query = "SELECT user_id, user_fname, user_lname, pword FROM bld_user WHERE uname='"+ username +"'";
rs = stmt.executeQuery(query);
int res = 0;
while( rs.next() ) {
res++;
pass = rs.getString("pword");
fname = rs.getString("user_fname");
lname = rs.getString("user_lname");
userid = rs.getInt("user_id");
}
if( res == 0 ) {
response = "Invalid Username";
} else {
//String new_pass = crypt.encryption(password);
if( crypt.encryption(password).compareTo(pass) != 0 ) {
response = "Invalid username and/or password";
//response = "Original :" + pass + " :::: new : " + crypt.encryption(password);
} else {
HttpServletRequest request = null;
try {
HttpSession session = request.getSession();
session.setAttribute("fname", fname);
session.setAttribute("lname", lname);
session.setAttribute("username", username);
session.setAttribute("userid", userid);
response = "Login Successful";
//response = fname + " " + lname;
} catch( java.lang.NullPointerException lex ) {
lex.printStackTrace();
response = "Something Wrong";
}
}
}
} catch( SQLException Ex) {
Ex.printStackTrace();
response = "Sorry something goes wrong with your MySQL query or server";
}
} catch( ClassNotFoundException E) {
E.printStackTrace();
response = "Sorry no MySQL class found";
}
return response;
}
public String dblogin(String username, String password) throws SQLException {
String response = "";
Connection conn = null;
Statement stmt = null;
ResultSet rs;
String pass = "", fname = "", lname = "";
int userid = 0;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/bloodspring", "root", "");
stmt = conn.createStatement();
try {
String query = "SELECT user_id, user_fname, user_lname, pword FROM bld_user WHERE uname='"+ username +"'";
rs = stmt.executeQuery(query);
int res = 0;
while( rs.next() ) {
res++;
pass = rs.getString("pword");
fname = rs.getString("user_fname");
lname = rs.getString("user_lname");
userid = rs.getInt("user_id");
}
if( res == 0 ) {
response = "Invalid Username";
} else {
//String new_pass = crypt.encryption(password);
if( crypt.encryption(password).compareTo(pass) != 0 ) {
response = "Invalid username and/or password";
//response = "Original :" + pass + " :::: new : " + crypt.encryption(password);
} else {
HttpServletRequest request = null;
try {
response = fname + " " + lname;
} catch( java.lang.NullPointerException lex ) {
lex.printStackTrace();
response = "Something Wrong";
}
}
}
} catch( SQLException Ex) {
Ex.printStackTrace();
response = "Sorry something goes wrong with your MySQL query or server";
}
} catch( ClassNotFoundException E) {
E.printStackTrace();
response = "Sorry no MySQL class found";
}
return response;
}
但它返回的响应是“有问题”[catch block of java.lang.NullPointerException]。如果我按以下方式更改代码:
public String dblogin(String username, String password) throws SQLException {
String response = "";
Connection conn = null;
Statement stmt = null;
ResultSet rs;
String pass = "", fname = "", lname = "";
int userid = 0;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/bloodspring", "root", "");
stmt = conn.createStatement();
try {
String query = "SELECT user_id, user_fname, user_lname, pword FROM bld_user WHERE uname='"+ username +"'";
rs = stmt.executeQuery(query);
int res = 0;
while( rs.next() ) {
res++;
pass = rs.getString("pword");
fname = rs.getString("user_fname");
lname = rs.getString("user_lname");
userid = rs.getInt("user_id");
}
if( res == 0 ) {
response = "Invalid Username";
} else {
//String new_pass = crypt.encryption(password);
if( crypt.encryption(password).compareTo(pass) != 0 ) {
response = "Invalid username and/or password";
//response = "Original :" + pass + " :::: new : " + crypt.encryption(password);
} else {
HttpServletRequest request = null;
try {
HttpSession session = request.getSession();
session.setAttribute("fname", fname);
session.setAttribute("lname", lname);
session.setAttribute("username", username);
session.setAttribute("userid", userid);
response = "Login Successful";
//response = fname + " " + lname;
} catch( java.lang.NullPointerException lex ) {
lex.printStackTrace();
response = "Something Wrong";
}
}
}
} catch( SQLException Ex) {
Ex.printStackTrace();
response = "Sorry something goes wrong with your MySQL query or server";
}
} catch( ClassNotFoundException E) {
E.printStackTrace();
response = "Sorry no MySQL class found";
}
return response;
}
public String dblogin(String username, String password) throws SQLException {
String response = "";
Connection conn = null;
Statement stmt = null;
ResultSet rs;
String pass = "", fname = "", lname = "";
int userid = 0;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/bloodspring", "root", "");
stmt = conn.createStatement();
try {
String query = "SELECT user_id, user_fname, user_lname, pword FROM bld_user WHERE uname='"+ username +"'";
rs = stmt.executeQuery(query);
int res = 0;
while( rs.next() ) {
res++;
pass = rs.getString("pword");
fname = rs.getString("user_fname");
lname = rs.getString("user_lname");
userid = rs.getInt("user_id");
}
if( res == 0 ) {
response = "Invalid Username";
} else {
//String new_pass = crypt.encryption(password);
if( crypt.encryption(password).compareTo(pass) != 0 ) {
response = "Invalid username and/or password";
//response = "Original :" + pass + " :::: new : " + crypt.encryption(password);
} else {
HttpServletRequest request = null;
try {
response = fname + " " + lname;
} catch( java.lang.NullPointerException lex ) {
lex.printStackTrace();
response = "Something Wrong";
}
}
}
} catch( SQLException Ex) {
Ex.printStackTrace();
response = "Sorry something goes wrong with your MySQL query or server";
}
} catch( ClassNotFoundException E) {
E.printStackTrace();
response = "Sorry no MySQL class found";
}
return response;
}
然后它会正常工作,并从数据库返回名字,姓氏。因此,我认为我的代码不适用于会话。谁能告诉我如何将数据库中的数据存储到会话中。您可以使用spring security进行身份验证。除此之外,您还可以按照下面的代码段进行操作。请注意,您实际上不需要在会话中单独存储所有字段。将用户对象存储到会话中所需的一切
@RequestMapping(value = "login.html", method = RequestMethod.POST)
public ModelAndView post(@ModelAttribute("login") LoginEntity login, HttpServletRequest req) {
/* CHECK IN DATABASE if the user name and password matches or not */
UserObject userObject=dblogin(login.userName,login.password);
if(userObject!=null){
HttpSession session = req.getSession(true);
session.setAttribute("user",userObject);
}
else
return new ModelAndView("login");
}
是否需要自己构建身份验证?如果没有,请尝试spring security。关于npe:它被扔到哪里?显示堆栈跟踪。您正在对空请求对象调用getSession()是最早使用的。我写了那些代码。但是它不起作用。@Shimul你试过答案了吗?它应该起作用