-1

My servlet is supposed to redirect me to a welcome.jsp page if the authentification succeed and to a fail.jsp if not.

user = request.getParameter("name");
pass = request.getParameter("pass");
String q = "select * from users where user=" + user
        + " and  password=" + pass + "";
Statement st = con.createStatement();
ResultSet rs = st.executeQuery(q);
String username = null;
String password = null;

while (rs.next()) {
    username = rs.getString(2);
    password = rs.getString(3);

}
if (username.equals(user) && password.equals(pass)) { // <-- Here is line 56
    response.sendRedirect("Welcome.jsp");

} else {
    response.sendRedirect("Fail.jsp");
}

. 

Avertissement:   StandardWrapperValve[LoginServlet]:Servlet.service() for servlet LoginServlet threw exception
               java.lang.NullPointerException
               at com.DemoLogin.LoginServlet.service(LoginServlet.java:56)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
        at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1682)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:318)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:160)
        at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:734)
        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:673)
        at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:174)
        at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:416)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:283)
        at com.sun.enterprise.v3.services.impl.ContainerMapper$HttpHandlerCallable.call(ContainerMapper.java:459)
        at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:167)
        at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:206)
        at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:180)
        at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:235)
        at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
        at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:283)
        at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:200)
        at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:132)
        at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:111)
        at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
        at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:536)
        at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112)
        at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:117)
        at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:56)
        at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:137)
        at  org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:591)
        at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:571)
        at java.lang.Thread.run(Thread.java:745)
BalusC
  • 1,082,665
  • 372
  • 3,610
  • 3,555
Aziz
  • 129
  • 1
  • 9
  • @JohnnySparow. No your problem is not different. And when you understand why, you will have become a better coder. – Mad Physicist Mar 08 '16 at 13:55
  • @JohnnySparow. Good. Small steps is the best way to get where you are going. Glad to see you are on the right track. – Mad Physicist Mar 08 '16 at 14:03
  • @JohnnySparrow. It is. We all started in pretty much the same place at one time or another. Every time you spend 7 hours banging your head against the wall and then get the solution a few days (or weeks) later, you've made progress. Doesn't seem that way now, but you'll have learned a lot more than just how not to make this one specific mistake. Kudos just for keeping at it in the face of all that. – Mad Physicist Mar 08 '16 at 14:09
  • This is not JSP/Servlet specific. This is just basic Java. Every compiler error and exception of `java.lang.*` package such as `java.lang.NullPointerException` coming from own code is just basic Java. Most likely it's too early to dive into JSP/Servlets and you'd better take a step back and work through the basic Java examples first (Oracle, OCP, etc). – BalusC Mar 08 '16 at 14:33

2 Answers2

0

You are doing a equals in a String that is null, if the query returns 0 elements, both username and password are null, thus giving a nullpointer.

if(username==null || password==null){

          response.sendRedirect("Fail.jsp");
          return;
}
if (username!=null && username.equals(user)&& password.equals(pass))
        {
            response.sendRedirect("Welcome.jsp");
          return;

        }
        else {
          response.sendRedirect("Fail.jsp");
          return;
        }

Also you should use a return; after the redirects just to be sure, and building a dao would also help, having the sql code in the servlet code will become a mess in the long run

Tiago
  • 718
  • 10
  • 16
0

Try this below code

if(rs.next())
    {
       response.sendRedirect("Welcome.jsp");

    }        
    else {
      response.sendRedirect("Fail.jsp");
    }

If username and password is correct then rs.next() will be true, because you query will retrieve one row from the database. So you can redirect to the user in Welcome.jsp. Else the user provided wrong username or password, so you can redirect to the user Fail.jsp.

But in your approach if user provides wrong username or password then you definitely will get a NullPointerException as you do not take care about null check properly.

One important point while you are using Connection or Statement or ResultSet , you should properly take care about opening and closing of these.

Bacteria
  • 8,406
  • 10
  • 50
  • 67
  • Yes you're right.. that's clever!!! but i'm facing a problem with the jdbc connector and i don't know the reason why. It shows me this : Avertissement: The web application [/WebApplication5] registered the JDBC driver [com.mysql.jdbc.Driver] but failed to unregister it when the web application was stopped. To prevent a memory leak, the JDBC Driver has been forcibly unregistered. Infos: visiting unvisited references – Aziz Mar 08 '16 at 13:01
  • You did not close Connection or Statement or ResultSet. Could please update your code and try. – Bacteria Mar 08 '16 at 13:03
  • Yes i did modified my code. Now i don't get errors but i always got redirected to fail.jsp even when i type the right username and password. – Aziz Mar 08 '16 at 14:37
  • In the query you have to put this user=' "+user+" ' instead of user=" + user + " . I used your query in the first place and it shows me error while login – Aziz Mar 08 '16 at 15:02
  • Right. So are you able to login now? – Bacteria Mar 08 '16 at 15:06
  • Now yes!!!! well we have to write this : if(rs.next()) { username = rs.getString(2); password = rs.getString(3); response.sendRedirect("Welcome.jsp"); } else { response.sendRedirect("Fail.jsp"); } – Aziz Mar 08 '16 at 15:15
  • Great. But if you are not doing anything with username and password, then you can skip get those values from resultset. – Bacteria Mar 08 '16 at 15:17