Cookie login logout session example using Servlet jsp


This tutorial explains how to create and login logout code using stateless client based session cookie.

                 

                    Creates a cookie, a small amount of information sent by a servlet to a Web browser, saved by the browser, and later sent back to the server. A cookie's value can uniquely identify a client, so cookies are commonly used for session management. Read More


Environment used:

                Eclipse luna

                Jdk 1.8

                Servlet 2.5 web module

                Tomcat 8 (require servlet 3.1 jar)

 

Step 1:

                Create a simple login page login.html

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
<form action="login1" method="post">
      User:<br/><input type="text" name="user"/><br/>
      Password:<br/><input type="password" name="password"/><br/>
      <input type="submit" value="Login"/>
      </form>
</body>
</html>

Step 2:

                Create a Login Servlet (Login.java).

This servlet will

1.       Authenticate the user (username: candidjava , password: candidjava)

2.       create new cookie object

3.       redirect to home page

If the username password is invalid it will redirect to login.html with an error message.

package com.candidjava.servlet.cookie;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class Login extends HttpServlet {
	private static final long serialVersionUID = 1L;

	protected void doPost(HttpServletRequest request,
			HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		String un = request.getParameter("uname");
		String pw = request.getParameter("pass");

		PrintWriter out = response.getWriter();
		Cookie ck = new Cookie("auth", un);
		ck.setMaxAge(600);
		if (un.equals("candidjava") & pw.equals("candidjava")) {
			response.addCookie(ck);
			response.sendRedirect("home.jsp");
			return;
		} else {
			RequestDispatcher rd = request.getRequestDispatcher("login.html");
			out.println("Either user name or password is wrong.");
			rd.include(request, response);
		}
	}
}

Step 3:

                home.jsp

This page will be loaded after successful login, and it will automatically logged out if the session time exceeds 10min or if user deleted all cookie from the browser

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
	pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
	<%
		Cookie[] cks = request.getCookies();
		if (cks != null) {
			for (int i = 0; i < cks.length; i++) {
				String name = cks[i].getName();
				String value = cks[i].getValue();
				if (name.equals("auth")) {
					break; // exit the loop and continue the page
				}
				if (i == (cks.length - 1)) // if all cookie are not valid redirect to error page
				{
					response.sendRedirect("sessionExpired.html");
					return; // to stop further execution
				}
				i++;
			}
		} else {
			response.sendRedirect("sessionExpired.html");
			return; // to stop further execution
		}
	%>
	<h3>You had successfully logged in.</h3>
	<br> your session is set to expire in 10min
	<br> try reloading after 10 min
	<br>
	<form action="Logout" method="post">
		<input type="submit" value="Logout">
	</form>
</body>
</html>

Step 4:

                web.xml mapping

<?xml version="1.0" encoding="UTF-8"?>

<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns="http://java.sun.com/xml/ns/javaee" 
   xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
   xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
   http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
   id="WebApp_ID" version="3.0">
   
   <display-name>Struts 2</display-name>
   <welcome-file-list>
      <welcome-file>index.jsp</welcome-file>
   </welcome-file-list>
   <filter>
      <filter-name>struts2</filter-name>
      <filter-class>
         org.apache.struts2.dispatcher.FilterDispatcher
      </filter-class>
   </filter>

   <filter-mapping>
      <filter-name>struts2</filter-name>
      <url-pattern>/*</url-pattern>
   </filter-mapping>
</web-app>

Screen shot





Download Example

War file : cookie example

Zip file : Cookie example



 Related example

Jsp servlet login example

Registration form using servlet      

Login session management in servlet using cookie  

Login session management in servlet using HttpSession

File upload using jsp and servlet                         

File download using jsp and servlet




Comments

Anony
         sessionExpired.html file???
BURHAN
         where is your sessionExpired file
ekta
         where is sessionExpired.html file

©candidjava.com