Servlet Login : Authentication « Servlet « Java Tutorial

import java.io.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class MyServlet extends HttpServlet {

  public void doPost(HttpServletRequest req, HttpServletResponse res)
                                throws ServletException, IOException {
    res.setContentType("text/html");
    PrintWriter out = res.getWriter();

    String account = req.getParameter("account");
    String password = req.getParameter("password");
    String pin = req.getParameter("pin");

    if (!allowUser(account, password, pin)) {
      out.println("<HTML><HEAD><TITLE>Access Denied</TITLE></HEAD>");
      out.println("<BODY>Your login and password are invalid.<BR>");
      out.println("You may want to <A HREF=\"/login.html\">try again</A>");
      out.println("</BODY></HTML>");
    }
    else {
      out.println("<HTML><HEAD><TITLE>Access Denied</TITLE></HEAD>");
      out.println("<BODY>Your login and password are valid.<BR>");
      out.println("</BODY></HTML>");        
      HttpSession session = req.getSession();
      session.setAttribute("logon.isDone", account);  // just a marker object

      try {
        String target = (String) session.getAttribute("login.target");
        if (target != null) {
          res.sendRedirect(target);
          return;
        }
      }
      catch (Exception ignored) { }

      //res.sendRedirect("/");
    }
  }

  protected boolean allowUser(String account, String password, String pin) {
    return true;
  }
}

<HTML>
<TITLE>Login</TITLE>
<BODY>
<FORM ACTION=LoginHandler.do METHOD=POST>
<CENTER>
<TABLE BORDER=0>
<TR><TD COLSPAN=2>
<P ALIGN=CENTER>
Welcome!<br>
Please enter your Account Number,<br>
 Password, and PIN to log in.
</TD></TR>

<TR><TD>
<P ALIGN=RIGHT><B>Account:</B>
</TD>
<TD>
<P><INPUT TYPE=TEXT NAME="account" VALUE="" SIZE=15>
</TD></TR>

<TR><TD>
<P ALIGN=RIGHT><B>Password:</B>
</TD>
<TD>
<P><INPUT TYPE=PASSWORD NAME="password" VALUE="" SIZE=15>
</TD></TR>                                                            

<TR><TD>
<P ALIGN=RIGHT><B>PIN:</B>
</TD>
<TD>
<P><INPUT TYPE=PASSWORD NAME="pin" VALUE="" SIZE=15>
</TD></TR>                                                            
                                                                      
<TR><TD COLSPAN=2>                                                    
<CENTER>                                                              
<INPUT TYPE=SUBMIT VALUE="  OK   ">                                   
</CENTER>                                                             
</TD></TR>
</TABLE>
</FORM>                                                               
</BODY></HTML>

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>

    <servlet><servlet-name>MyServletName</servlet-name>
             <servlet-class>MyServlet</servlet-class>

             
    </servlet>
    
    <servlet-mapping><servlet-name>MyServletName</servlet-name>
        <url-pattern>*.do</url-pattern>
    </servlet-mapping>

</web-app>

Download: ServletLogin.zip( 1,067 k)

25.22.Authentication
	25.22.1.	Simple Servlet Example using the getRemoteUser() method.
	25.22.2.	Get Auth Type from Servlet Request
	25.22.3.	Servlet Login
	25.22.4.	A password protected servlet
	25.22.5.	Servlet with bouncy castle security package