I made changes to the LoginServlet and want to find out if I fixed the errors that you mentioned in your reply. Please take a look at it, if possible, and comment. I'm not going to send diffs, attached just 2 files LoginServlet.h and LoginServlet.cpp. Some comments below... > - Why is there UUServlet::doGet? It's not going to be any doGet() function in UUServlet. I call UUServlet::isUserLoggedIn() and UUServlet::redirectToLogin() from service(). > - You can start removing test output already :) > - If memory serves me right, we don't really need to mangle CSP url names. > (it's just class names that get all messed up) It gives "Object not found!" message if I use plain CSP names in URL. I guess I'll have to stick with those ugly-looking strings. > - If you are going to implement doPost() by delegating to doGet(), you > might > as well just override service(HttpServletRequest&, HttpServletResponse&) > - There should not be any need to save username and password in session > (talk to Belkman about authentication with DB, I remember we discussed > something interesting recently, and he got that to work) > > > +void LoginServlet::service(HttpServletRequest& request, > HttpServletResponse &response) { > + > + try{ > + pair<bool, string> p = process(request, response); <<<<<---- Do not > return structures. > In case above you are probably better off letting an exception fall > through anyways, > and just return false for invalid credentials. > > + bool isSuccess = p.first; > + string message = p.second; > + request.setAttribute<string>("Message",message); > + request.setAttribute<string>("cspRefer", > "CspServletthemes_LoginView_csp"); > I support this style of setting an attribute, but prefer it not be used. > Use dynamic allocation with boost::shared_ptr. See samples/session/ for > example > of how to do it. > > + if(!isSuccess){ > + request.setAttribute<string>("csp", > "CspServletthemes_LoginView_csp"); > + } else { > + // Set session parameters after successfull login > + request.getSession(true); > + request.getSession()->setAttribute("login", > request.getParameter("login")); > + request.getSession()->setAttribute("password", > request.getParameter("CustPwd")); > + request.setAttribute<string>("csp", > "CspServletthemes_HomeView_csp"); > ^^^^^^^^^^^^^^ replace request.getSession() calls with local variable. > i.e. HttpSession* session = request.getSession(true); > session->setAttribute().... > > + } > + }catch(const exception& ex) { > + request.setAttribute<string>("error",ex.what()); > + } > + doGet(request, response); <<<<<<<<<--------------- WHY? > + > +} > > Overall it looks better and better with each iteration. > > > -- > Ilya A. Volynets-Evenbakh > Total Knowledge. CTO > http://www.total-knowledge.com > >
Attachment:
LoginServlet.cpp
Description: Binary data
Attachment:
LoginServlet.h
Description: Binary data