Home »
Java programming language
Login Session using JSP
In this tutorial, we will learn how to set the User session, validating the user details at the time of Login using JSP?
By: Vanka Manikanth, on 27 JAN 2017
For every user there will be a particular session, here we are validating the details of a user and setting the user in a session and finally we are invalidating the user.
Index.jsp
Here we are taking the input from the user and triggering the action to validate.jsp on submitting of the form.
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Session In JSP</title>
<style>
h1{
background-color:PINK;
width:50%;
}
h2{
text-decoration: underline;
}
td{
padding:15px;
width:50%;
}
legend{
background-color:green;
}
fieldset{
width:30%;
height:70%;
text-align:center;
}
</style>
</head>
<body>
<h1>Session in JSP</h1>
<h2>USER LOGIN SESSION</h2>
<fieldset>
<legend><font color="white"><b>Login Here:</b> </font></legend>
<form action="validate.jsp" method="post"> <!-- Here we are taking the values from user and triggering the validate.jsp file -->
<table>
<tr><td>USER NAME</td><td><input type="text" name="username"></td></tr>
<tr><td>PASS WORD</td><td><input type="password" name="password"></td></tr>
<tr><td></td><td><button type="submit">LOGIN</button></td></tr>
</table>
</form>
</fieldset>
</body>
</html>
Validate.jsp
Here we are validating the particular user by getting the input values, and sending them to its respective pages.
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Validate</title>
</head>
<body><!-- values given at login page are taken here and checks if the valid details are not -->
<%
String username=request.getParameter("username");
String password=request.getParameter("password");
if(username.equals("includehelp") && password.equals("includehelp")){
//if the user is valid, then this block executes and WE ARE KEEPING THE USER IN A SESSION
session.setAttribute("user", username);//THIS IS HOW WE DECLARE THE USER IN A SESSION
response.sendRedirect("logged.jsp"); //AND WE REDIRECTED TO LOGIN PAGE
}else{
//IF THE USER IS NOT AUTHORISED THEN AGAIN HE WILL BE REDIRECTED TO THE SAME LOGIN PAGE
response.sendRedirect("index.jsp");
}
%>
</body>
</html>
Logged.jsp
Soon as the validation done, if the user is authorized according to our condition will be redirected to login page else forwarded to the same login page.
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Success</title>
</head>
<body>
<%
//HERE WE GETTING THE ATTRIBUTE DECLARED IN VALIDATE.JSP AND CHECKING IF IT IS NULL, THE USER WILL BE REDIRECTED TO LOGIN PAGE
String uid = (String)session.getAttribute("user");
if (uid == null)
{
%><!-- NOT A VALID USER, IF THE USER TRIES TO EXECUTE LOGGED IN PAGE DIRECTLY, ACCESS IS RESTRICTED -->
<jsp:forward page="index.jsp"/>
<%
}
else
{//IF THE VALUE IN SESSION IS NOT NULL THEN THE IS USER IS VALID
out.println(" <h1>You have successfully created the Session of User : " +uid+"</h1>");
%>
<!-- WE HAVE GIVEN LOGOUT.JSP FILE INORDER TO LOGOUT THE SESSION -->
<a href="logout.jsp">Logout</a>
<%}
%>
</body>
</html>
Logout.jsp
Here we are just invalidating the user so that the values in the session would be invalidated.
<html>
<body>
<% session.invalidate(); %> <!-- HERE WE ARE INVALIDATE THE SESSION, SO THAT NO VALUES WILL BE PRESENT IN SESSION -->
<jsp:forward page="index.jsp"/>
</body>
<html>
NOTE: If you want to check clearly, try to run logged.jsp soon as you logged out, you will be redirected to login page. Hope you understood.
Output
