I made changes to the LoginServlet and want to find out if I fixed the
errors that you mentioned in your reply. Please take a look at it, if
possible, and comment. I'm not going to send diffs, attached just 2 files
LoginServlet.h and LoginServlet.cpp.
Some comments below...
> - Why is there UUServlet::doGet?
It's not going to be any doGet() function in UUServlet. I call
UUServlet::isUserLoggedIn() and UUServlet::redirectToLogin() from
service().
> - You can start removing test output already :)
> - If memory serves me right, we don't really need to mangle CSP url names.
> (it's just class names that get all messed up)
It gives "Object not found!" message if I use plain CSP names in URL. I
guess I'll have to stick with those ugly-looking strings.
> - If you are going to implement doPost() by delegating to doGet(), you
> might
> as well just override service(HttpServletRequest&, HttpServletResponse&)
> - There should not be any need to save username and password in session
> (talk to Belkman about authentication with DB, I remember we discussed
> something interesting recently, and he got that to work)
>
>
> +void LoginServlet::service(HttpServletRequest& request,
> HttpServletResponse &response) {
> +
> + try{
> + pair<bool, string> p = process(request, response); <<<<<---- Do not
> return structures.
> In case above you are probably better off letting an exception fall
> through anyways,
> and just return false for invalid credentials.
>
> + bool isSuccess = p.first;
> + string message = p.second;
> + request.setAttribute<string>("Message",message);
> + request.setAttribute<string>("cspRefer",
> "CspServletthemes_LoginView_csp");
> I support this style of setting an attribute, but prefer it not be used.
> Use dynamic allocation with boost::shared_ptr. See samples/session/ for
> example
> of how to do it.
>
> + if(!isSuccess){
> + request.setAttribute<string>("csp",
> "CspServletthemes_LoginView_csp");
> + } else {
> + // Set session parameters after successfull login
> + request.getSession(true);
> + request.getSession()->setAttribute("login",
> request.getParameter("login"));
> + request.getSession()->setAttribute("password",
> request.getParameter("CustPwd"));
> + request.setAttribute<string>("csp",
> "CspServletthemes_HomeView_csp");
> ^^^^^^^^^^^^^^ replace request.getSession() calls with local variable.
> i.e. HttpSession* session = request.getSession(true);
> session->setAttribute()....
>
> + }
> + }catch(const exception& ex) {
> + request.setAttribute<string>("error",ex.what());
> + }
> + doGet(request, response); <<<<<<<<<--------------- WHY?
> +
> +}
>
> Overall it looks better and better with each iteration.
>
>
> --
> Ilya A. Volynets-Evenbakh
> Total Knowledge. CTO
> http://www.total-knowledge.com
>
>
Attachment:
LoginServlet.cpp
Description: Binary data
Attachment:
LoginServlet.h
Description: Binary data