Saturday, March 21, 2015

How create login and logout program in JAVA and JSP by disabling back button?

login.jsp



success.jsp


error.jsp


Step 1: 
Create login form “login.jsp” using two fields username and password, and give the form action to “loginaction.jsp”.

login.jsp

1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Login Demo</title>
        <style>
            li{
                list-style: none;
            }
        </style>
    </head>
    <body>
        <div style="margin:10% 0px 0px 40%; border:2px solid black; width:300px">
            <form action="loginaction.jsp" method="post">
                <ul>
                    <li></li>
                    <li><h2>Login Demo</h2></li>
                </ul>
                <ul>
                    <li>User Name : </li>
                    <li><input type="text" name="username" required="true" placeholder="user" size="30"/></li>
                </ul>
                <ul>
                    <li>Password : </li>
                    <li><input type="password" name="password"  required="true" placeholder="password" size="30"/></li>
                </ul>
                <ul>
                    <li></li>
                    <li><input type="submit" name="Submit" value="LOGIN"/></li>
                </ul>
            </form>
        </div>
    </body>
</html>

Step 2:
Create login form “loginaction.jsp”. In loginaction.jsp we will get the username and password and validate it if username and password is correct then we will set into session for further use. Here I have taken username as “ram” and  pssword as “ram123”. You can put the any business logic for getting the values from db or from any where.

loginaction.jsp

1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
<%
    String user = request.getParameter("username").toString();
    String pass = request.getParameter("password").toString();

    try {
        if ((user.equals("ram")) && (pass.equals("ram123"))) {
            //here we can get the username from db or any where
            session.setAttribute("username", user);
            session.setAttribute("password", pass);
            response.sendRedirect("success.jsp");
        } else {
            response.sendRedirect("error.jsp");
        }
    } catch (Exception e) {
        response.sendRedirect("login.jsp");
    }
%>

Step 3:
Create “success.jsp” . In this file we need to add response header for clearing the cache so user can not go to success page once logout the page.

success.jsp

1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<%
    response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0");
    response.setHeader("Pragma", "no-cache");
%>
<%
    try {
        if ((session.getAttribute("username")).toString() == null || (session.getAttribute("password")).toString() == null) {
            response.sendRedirect("login.jsp");
        }
    } catch (Exception e) {
        response.sendRedirect("login.jsp");
    }
%>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
        <title>Success Page</title>
    </head>
    <body>
        <h1>Login success !</h1>
        </br>
        <a href="logout.jsp" class="ast"> click here to Logout</a>
    </body>
</html>

Step 4: Create “error.jsp”.

error.jsp

1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Error Page</title>
    </head>
    <body>
        <h1>Login failed <a href="login.jsp"> click here to try again</a></h1>
    </body>
</html>

Step 5:
Create “logout.jsp”. In this file we have invalidate the session and redirect to login page again.

logout.jsp

1
2
3
4
<%
    session.invalidate();
    response.sendRedirect("login.jsp");
%>


No comments :

Post a Comment