Thanks guru I will come back to you after trying this snippet
-----Original Message-----
From: Raghupathy, Gurumoorthy
[mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 05, 2007 4:29 PM
To: Struts Users Mailing List
Subject: RE: How To Lock User Account If he Failed to give Correct
Password in three attempts
HttpSession session = request.getSession();
If ( session.getAttribute("LoginCount") == null ) {
Session.setAttribute("LoginCount", new Integer(1));
} else {
Integer loginCount = session.getAttribute("LoginCount");
try {
Writecode to login;
} catch (Loginexception e) {
If (loginCount.intValue() >2 ) {
Write code to block the user ....
return mapping.findForware("AccountLocked");
} else {
loginCount = new Integer(loginCount.intValue()
+1 );
return mapping.findForware("Login");
}
}
}
Regards
Guru
-----Original Message-----
From: Srinivasula Reddy A , Bangalore [mailto:[EMAIL PROTECTED]
Sent: 05 June 2007 11:45
To: Struts Users Mailing List
Subject: RE: How To Lock User Account If he Failed to give Correct
Password in three attempts
Yaa I know but I need some sample exact steps
-----Original Message-----
From: Raghupathy, Gurumoorthy
[mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 05, 2007 4:13 PM
To: Struts Users Mailing List
Subject: RE: How To Lock User Account If he Failed to give Correct
Password in three attempts
Store the count in the session using appropriate name ....
Once that is above the limit then write the code to lock it ... .
One suggestion though .....
All business logic code in single action.... That is not a good design
...
Cant you make your business objects more layered ?
Regards
Guru
-----Original Message-----
From: Srinivasula Reddy A , Bangalore [mailto:[EMAIL PROTECTED]
Sent: 05 June 2007 10:17
To: Struts Users Mailing List
Subject: How To Lock User Account If he Failed to give Correct Password
in three attempts
Hi Struts User Community,
Here I am sending my login action code (part
only) and My DAO Code. Now I have to lock the user if he failed to enter
correct user name and password in three attempts.
How can I implement this in struts?
Please help me with some sample code or rough idea?
String username = ((LoginForm) form).getUsername();
String password = ((LoginForm)
form).getPassword();
String newPassword =
com.dfs.common.helper.PasswordService.getInstance().encrypt(password);
AccessControlDAO accessDAO = new
AccessControlDAO();
UserTo userDTO =
accessDAO.getUser(username, newPassword);
if(userDTO==null){
throw new
LoginFailedException("LoginFailedException");
}
public UserTo getUser(String username, String password)throws
BaseAppException{
DBConnection ora = DBConnection.getInstance();
Connection conn = ora.createConnection();
PreparedStatement stmt = null;
ResultSet rs = null;
UserTo userDTO = null;
Query = "select * from SYSTEM_USER where SERVICE_NO=? and PASSWORD=?";
if (conn != null) {
try{
stmt =
conn.prepareStatement(Query);
stmt.setString(1,
username);
stmt.setString(2,
password);
rs =
stmt.executeQuery();
while(rs.next()){
userDTO =
new UserTo();
userDTO.setServiceNo(rs.getString("SERVICE_NO"));
userDTO.setEmpName(rs.getString("EMP_NAME"));
}
} catch (SQLException sqle) {
throw new
BaseDBException("BaseDBException");
} finally {
try{
ora.closeConnection(conn);
stmt.close();
rs.close();
}catch(SQLException e){
throw new
BaseDBException("BaseDBException");
}
}
}else{
throw new
BaseDBException("BaseDBException");
}
return userDTO;
}
Regards,
Sreenivasula Reddy A.
DISCLAIMER:
------------------------------------------------------------------------
-----------------------------------------------
The contents of this e-mail and any attachment(s) are confidential and
intended for the named recipient(s) only.
It shall not attach any liability on the originator or HCL or its
affiliates. Any views or opinions presented in
this email are solely those of the author and may not necessarily
reflect the opinions of HCL or its affiliates.
Any form of reproduction, dissemination, copying, disclosure,
modification, distribution and / or publication of
this message without the prior written consent of the author of this
e-mail is strictly prohibited. If you have
received this email in error please delete it and notify the sender
immediately. Before opening any mail and
attachments please check them for viruses and defect.
------------------------------------------------------------------------
-----------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
