Sample JSP code for a Complete Web Login System

Useful JSP code to implement a secure Login system. You can deploy the below sample JSP code for a Complete Web Login System on any Servlet/JSP container like Tomcat

login.jsp

<%@page contentType="text/html" pageEncoding="UTF-8"%>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
    </head>
    <body>
        <h1>Login Page</h1>
        <center>
        <%
    if(null!=request.getAttribute("errorMsg"))
    {
        out.print(request.getAttribute("errorMsg"));
    }
        %>
            <form action="Check.jsp" method="post">
           <pre/> <br/>Username:<input type="text" name="username">
            <br/>Password:<input type="password" name="password">
            <br/><input type="submit" value="Submit">
            </form>
        </center>
    </body>
</html>

logout.jsp

<%@page contentType="text/html" pageEncoding="UTF-8"%>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
    </head>
    <body>
        <%
        session.removeAttribute("username");
        session.removeAttribute("password");
        session.invalidate();
        %>
        <h1>You're Successfully Logged out. Redirecting you back to Login page...</h1>
<%      response.sendRedirect("ping.jsp"); %>
        </body>
        </html>

ping.jsp

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<meta http-equiv="refresh" content="120">
<title>URL Monitor</title>
</head>
<body>
<%
if (session.getAttribute("username") == null || session.getAttribute("username").equals(""))
{
//out.print("Error : Unknown Login");
//response.setHeader("Refresh", "5;url=login.jsp");
request.setAttribute("errorMsg","Please enter your Credentials to Login");
request.getRequestDispatcher("login.jsp").forward(request, response);
//response.sendRedirect("login.jsp");
}
<a href="logout.jsp">Logout</a>
//All Stuff for Logged in user goes here
</body>
</html>

Error.jsp

<%@page contentType="text/html" pageEncoding="UTF-8"%>

<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
    </head>
    <body>
        <h1>Some Error has occured,Please try again later...</h1>
        <a href="/login.jsp">Click here to Go back and Login again</a>
    </body>
</html>

Check.jsp

<%@page contentType="text/html" pageEncoding="UTF-8"%>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
    </head>
    <body>
        <%
        String username=request.getParameter("username");
        String password=request.getParameter("password");

        if((username.equals("test") && password.equals("test")))
            {
            session.setAttribute("username",username);
            response.sendRedirect("ping.jsp");
            }
        else
            response.sendRedirect("Error.jsp");
        %>
        </body>
        </html>

 

Author: Ahmed I

I am a Linux System Admin

Leave a comment