Segurança nas jsp's

Kleber-rr · Setembro 1, 2009, 1:13pm

Olá pessoal,

Estou tendo uma dificuldade na implementação de segurança para acesso às URL’s do meu sistema. Ocorre esse erro abaixo.

[code]HTTP Status 500 -

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

javax.servlet.ServletException: org.apache.jasper.JasperException: An exception occurred processing JSP page /jsp/checalogin.jsp at line 19

16: //clogin.getCheca(“login”, “senha”, “nivel”, “status”);
17: session.setAttribute(“log”,clogin.getStatus());
18:
19: if (session.getAttribute(“log”).equals(“logado”)){
20: response.sendRedirect(“admin.jsp”);
21: }else{
22: response.sendRedirect(“login.jsp”);

Stacktrace:
br.gov.rr.setrabes.util.HibernateSessionFilter.doFilter(HibernateSessionFilter.java:23)

root cause

org.apache.jasper.JasperException: An exception occurred processing JSP page /jsp/checalogin.jsp at line 19

16: //clogin.getCheca(“login”, “senha”, “nivel”, “status”);
17: session.setAttribute(“log”,clogin.getStatus());
18:
19: if (session.getAttribute(“log”).equals(“logado”)){
20: response.sendRedirect(“admin.jsp”);
21: }else{
22: response.sendRedirect(“login.jsp”);

Stacktrace:
org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:524)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:435)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:408)
com.sun.faces.application.ViewHandlerImpl.executePageToBuildView(ViewHandlerImpl.java:439)
com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:114)
org.ajax4jsf.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:108)
org.ajax4jsf.application.AjaxViewHandler.renderView(AjaxViewHandler.java:237)
com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:106)
com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:251)
com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:144)
javax.faces.webapp.FacesServlet.service(FacesServlet.java:245)
org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:141)
org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:281)
br.gov.rr.setrabes.util.HibernateSessionFilter.doFilter(HibernateSessionFilter.java:20)

root cause

java.lang.NullPointerException
org.apache.jsp.jsp.admin_jsp._jspService(admin_jsp.java:119)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:393)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:408)
com.sun.faces.application.ViewHandlerImpl.executePageToBuildView(ViewHandlerImpl.java:439)
com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:114)
org.ajax4jsf.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:108)
org.ajax4jsf.application.AjaxViewHandler.renderView(AjaxViewHandler.java:237)
com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:106)
com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:251)
com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:144)
javax.faces.webapp.FacesServlet.service(FacesServlet.java:245)
org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:141)
org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:281)
br.gov.rr.setrabes.util.HibernateSessionFilter.doFilter(HibernateSessionFilter.java:20)

note The full stack trace of the root cause is available in the Apache Tomcat/6.0.14 logs.
Apache Tomcat/6.0.14[/code]

Minha classe que verifica o login:

[code]public class LoginDAO {
String login;
String senha;
String nivel;
String status;

public LoginDAO() {
}

public boolean getCheca(String login, String senha, String nivel,
		String status) {

	boolean ok = false;
	// boolean admin = false;

	try {
		Class.forName("org.postgresql.Driver").newInstance();
		System.out.println("DRIVER CARREGADO");
	} catch (Exception e) {
		System.out.println("driver nao carregado");
	}

	try {
		String sql = "SELECT * from Usuario where login=? AND senha=? AND nivel=?";

		// comentei para usar o conexao.class
		Connection c = DriverManager.getConnection(
				"jdbc:postgresql://localhost:5432/mogmo", "postgres",
				"postgres");
		PreparedStatement pstm = c.prepareStatement(sql);
		pstm.setString(1, login);
		pstm.setString(2, senha);
		pstm.setString(3, nivel);
		ResultSet rs = pstm.executeQuery();
		System.out.println("CONEXAO ESTABELECIDA");
		if (rs.next()
				&& rs.getString("login") != null
				&& // necessario?
				rs.getString("login").equals(login)
				&& rs.getString("senha").equals(senha)
				&& rs.getString("nivel").equals(nivel)) {
			ok = true;
			status = "logado";
			System.out.println("Usuario carregado");
		} else {
			status = "";
		}

		rs.close();
		c.close();

	} catch (SQLException ex) {
		ex.printStackTrace();
		status = "erro sql:" + ex.getMessage();
	}
	return ok;

}

public String setLogin() {

	return login;

}

public String getLogin() {
	return login;
}

public void setLogin(String login) {
	this.login = login;
}

public String getSenha() {
	return senha;
}

public void setSenha(String senha) {
	this.senha = senha;
}

public String getNivel() {
	return nivel;
}

public void setNivel(String nivel) {
	this.nivel = nivel;
}

public String getStatus() {
	return status;
}

public void setStatus(String status) {
	this.status = status;
}

}[/code]

O meu login.jsp:

[code]<%@page contentType=“text/html”%>
<%@page pageEncoding=“UTF-8”%>
<%@taglib prefix=“f” uri=“http://java.sun.com/jsf/core”%>
<%@taglib prefix=“h” uri=“http://java.sun.com/jsf/html”%>

Sistema de Login

        <h:form id="login_form">
            <h:panelGrid  columns="2" id="login_panel">
                <f:facet name="header">
                    <h:outputText value="Login" />
                </f:facet>
                <f:facet name="footer">
                    <h:commandButton value="Logar" action="#{loginHandler.login}"/>
                </f:facet>
                
                                   
         
                                    
                <h:outputLabel for="login">
                    <h:outputText value="login"/>
                </h:outputLabel>
                <h:inputText value="#{loginHandler.LO.login}" id="login" />
                
         
                
                <h:outputLabel for="senha">
                    <h:outputText value="senha"/>
                </h:outputLabel>                    
                <h:inputSecret value="#{loginHandler.LO.senha}" id="senha" />
            </h:panelGrid>
        </h:form>
    
    </body>
</f:view>

[/code]

O meu checalogin.jsp

[code]<%@ page language=“java” contentType=“text/html; charset=UTF-8”
pageEncoding=“UTF-8”%>

checalogin <%@page import="br.gov.rr.setrabes.dao.*" %> <% LoginDAO clogin=new LoginDAO(); clogin.setLogin(request.getParameter("login")); clogin.setSenha(request.getParameter("senha")); clogin.setNivel(request.getParameter("nivel")); //clogin.getCheca("login", "senha", "nivel", "status"); session.setAttribute("log",clogin.getStatus());

if (session.getAttribute(“log”).equals(“logado”)){
response.sendRedirect(“admin.jsp”);
}else{
response.sendRedirect(“login.jsp”);
}
%>

[/code]

Alguem pode me dizer onde estou errando??

Agradeço.

system · Dezembro 30, 2015, 1:39am

Segurança nas jsp's

Cursos de Mobile

Cursos de Programação

Cursos de Front-end

Cursos de DevOps

Cursos de Design & UX

Cursos de Business

Cursos de Data & BI