import java.io.*; import java.sql.*; import javax.servlet.*; import javax.servlet.http.*; public class Login extends HttpServlet{ public String validateUser(String inputUserid, String inputPwd) throws SQLException, ClassNotFoundException{ String returnString = null; String dbUserid = ""; // Your Database user id String dbPassword = "" ; // Your Database password Class.forName("sun.jdbc.odbc.JdbcOdbcDriver"); Connection con = DriverManager.getConnection("jdbc:odbc:teste", dbUserid ,dbPassword ); Statement stmt = con.createStatement(); String sql= "select USERID from USER where USERID = '" + inputUserid + "' and PASSWORD = '" + inputPwd +"' ;" ; ResultSet rs = stmt.executeQuery(sql); if (rs.next()) { returnString = rs.getString("USERID"); } stmt.close(); con.close(); return returnString ; } public void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException,IOException{ String userId = req.getParameter("userId"); String password = req.getParameter("password"); /************************************************************ ** call a method to validate the password which will return the ** User Name for authorized users and null string for un-authorised. **********************************************************/ String uName = validateUser(userId, password); // if uName is null .. user is not authorized. if (uName == null) { PrintWriter ot = res.getWriter(); ot.println(" Please verify the Userid and password"); ot.close(); } else { // So the user is valid let's create a seesion // for this user. HttpSession userSession = req.getSession(true); // put the user name session variable. userSession.setAttribute("userName", uName); // now we need to transfer the control to welcome.jsp RequestDispatcher rd = getServletContext().getRequestDispatcher("/welcome.jsp"); if (rd != null) { rd.forward(req,res); } } }// end of doPost }// end of servlet class