In my LoginAction i am setting the session as
private boolean isUserExist() {
Connection con = null;
boolean result = false;
// MD5Util MD5=new MD5Util();
try {
con = ConnectionFactory.getConnection();
String sqlQ = "SELECT * FROM USER_MASTER WHERE LOGIN_ID=?"
+ "AND PASSWORD=? AND ROLE=? AND STATUS='Y'";
PreparedStatement pstmt = con.prepareStatement(sqlQ);
pstmt.setString(1, getUserId().trim());
pstmt.setString(2, getPassword().trim());
pstmt.setString(3, getRole().trim());
ResultSet rst = pstmt.executeQuery();
if (rst.next()) {
user = new User();
user.setUserId(rst.getInt("USER_ID") == 0 ? 0 : rst
.getInt("USER_ID"));
user.setUserName(rst.getString("USER_NAME") == null ? "" : rst
.getString("USER_NAME"));
user.setRole(rst.getString("ROLE") == null ? "" : rst
.getString("ROLE"));
user.setAddress(rst.getString("LOGIN_ID") == null ? "" : rst
.getString("LOGIN_ID"));
user.setCandidateId(rst.getString("CANDIDATE_ID") == null ? ""
: rst.getString("CANDIDATE_ID"));
if (getCustType1() == null) {
user.setCustType("");
} else {
user.setCustType(getCustType1());
}
result = true;
* getSession().put("loginDetails",user);*
}
And in other Actions i am getting the session as :
User user = (User) getSession().get("loginDetails");
if (user == null) {
addActionMessage("Not Authorize to view this page.");
return ERROR;
}
AppointmentDocDBdao appointmentdocdob = new AppointmentDocDBdao();
custType = appointmentdocdob.getCustType(Integer.parseInt(user
.getCandidateId()));
Is there any problem in this code.
