I created a simple login page. If the user entered right username and password the page ill be redirected to the success page otherwise it will be redirected to the index page. In login page i given the form submit action to the servlet. Once the servlet validates the input it will dispatched to the respective jsp page. My problem was the action name still in the url after the dispatch also. Is it right?
package com.123.www;
import java.io.IOException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class Login extends HttpServlet {
private static final long serialVersionUID = 1L;
public Login() {
super();
}
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
response.setContentType("text/html");
//PrintWriter out = response.getWriter();
String userName = request.getParameter("username");
String passWord = request.getParameter("password");
RequestDispatcher view = null ;
if((userName=="")&&(passWord==""))
{
view = request.getRequestDispatcher("index.jsp");
}
else
{
HttpSession session = request.getSession(true);
session.setAttribute("name",userName);
view = request.getRequestDispatcher("success.jsp");
}
view.forward(request, response);
}
}
Dispatching happens server side, not client side. The forward basically tells the servletcontainer which view to use to present the result. Its location indeed doesn't appear in the client's browser address bar. This will only happen when you use a redirect instead by response.sendRedirect(). A redirect basically tells the webbrowser to fire a new GET request on the given location. Hereby the browser address bar will be changed to the new URL.
Just hide away the view (the JSP file) in /WEB-INF folder so that it cannot be directly accessed by the enduser anymore, and reuse the very same servlet to show the login form via doGet() and continue processing the login form submit via doPost(). If you don't implement doGet() then it would show HTTP Status 405 - HTTP method GET is not supported by this URL.
@WebServlet("/login")
public class LoginServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// Just show form.
request.getRequestDispatcher("/WEB-INF/login.jsp").forward(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// Process form submit.
// ...
if (success) {
response.sendRedirect("home");
} else {
request.getRequestDispatcher("/WEB-INF/login.jsp").forward(request, response);
}
}
}
This way you can get the login page by http://example.com/context/login and submit to the same URL.
You can do the same for all other URLs by a single servlet with help of the front controller pattern. It's only a bit of work and that's also why MVC frameworks exist :)