In this tutorial, I will guide you how to implement login and logout functions for a small Java web application using Servlet, JSP, JDBC and MySQL. Just plain old, core Java EE technologies. No frameworks are used.
Suppose that you have an existing Java web project and now you wish to add the login and logout features for your website.
Table of content:
In the login page, the user enters email and password – so we need to verify that login information against data in a database table, typically the users table.
Make sure that the table you use for authentication has at least 3 fields: fullname, email and password.
Here’s the structure of the table users I use for this tutorial:
If you haven’t created any table for authentication, execute the following MySQL script to create one:
CREATE TABLE `users` ( `id` int(11) NOT NULL AUTO_INCREMENT, `email` varchar(45) NOT NULL, `password` varchar(45) NOT NULL, `fullname` varchar(45) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB;Of course you can add additional fields to this table if you want.
package net.codejava; public class User < private int id; private String fullname; private String email; private String password; // getters and setters are not shown for brevity >
You should generate getter and setter methods for all fields of this class. They are not shown in the above code or brevity.
Next, we need to implement a method that checks the login information entered by the user against the data in the database. So create UserDAO class with the following code:
package net.codejava; import java.sql.*; public class UserDAO < public User checkLogin(String email, String password) throws SQLException, ClassNotFoundException < String jdbcURL = "jdbc:mysql://localhost:3306/bookshop"; String dbUser = "root"; String dbPassword = "password"; Class.forName("com.mysql.jdbc.Driver"); Connection connection = DriverManager.getConnection(jdbcURL, dbUser, dbPassword); String sql = "SELECT * FROM users WHERE email = ? and password = ?"; PreparedStatement statement = connection.prepareStatement(sql); statement.setString(1, email); statement.setString(2, password); ResultSet result = statement.executeQuery(); User user = null; if (result.next()) < user = new User(); user.setFullname(result.getString("fullname")); user.setEmail(email); >connection.close(); return user; > >
Note that the database connection information specified in the beginning of the checkLogin() method. You should update the JDBC URL, username and password accordingly to MySQL on your computer.
You can see checkLogin() method returns a non-null User object if the email and password are found in the database. Otherwise null is returned.
To learn more about database programming in Java, read this JDBC tutorial.
When running, this login page looks like this:Bookshop Website Admin Login
Note that in the login.jsp page, we use an EL expression $ to display the message sent from the server – typically to tell the user that the login failed.
If you want to validate the fields in the form before the form is submitted, add the following script tags inside the section of the page:
Here we use 2 jQuery libraries (core and validation) from CDN websites.And add the following jQuery code before the closing