error counter help

[jrthor2]

I need to write a class file that can be re-usable throughout our application. What I need to do is create a class file that when a user enters in some data, and that data is validated against our database, if the data is invalid (wrong pw, invalid userid, etc), my class creates a cookie that is just a counter and implents by one each time the user gets an error, and once the user gets 3 errors, they are redirected to a customer service page. We are using J2EE and using IBM's WebSphere.

Thanks for any help!!!

[ray326]

Create a little error counter object in their Session. All it needs to be is a bean incapsulating an int like so:

Code:

public ErrorCounter
{
  private int errorCount = 0;

  ErrorCounter ErrorCounter()
  {
    super();
  }

  int getErrorCount()
  {
    return errorCount;
  }

  void countUp()
  {
    errorCount++;
  }
}

That's probably got errors but it'd be a trivial class to build in WSAD anyway. If you're completely new to Java and J2EE then I sure hope you've got a mentor there or plenty of training budget.

OBTW, I hope your example was just that. You should not be doing your own user validation in J2EE; there are standard ways of leaving that job to the container.

[jrthor2]

We are lookig at container manages security. How would I do this using that instead of this way?

Also, in your code example, how do I redirect accordingly?

[buntine]

You could implement a static instance method, which will return the current state of the object to any class in the application.

Code:

public ErrorCounter
{
    public ErrorCounter()
    {
        count = 0;
        instance = this;
    }
 
    public static ErrorCounter getInstance()
    {
        return instance;
    }

    public int getErrorCount()
    {
        return count;
    }

    public void addError()
    {
        count++;
    }

    private int count;
    private static ErrorCounter instance;
}

You could easily pass exception data to the addError method.

After the class has been created, you will be able to get it from anywhere by using the following code.

Code:

ErrorCounter counter = ErrorCounter.getInstance();

Regards.

[ray326]

Originally posted by jrthor2
We are lookig at container manages security. How would I do this using that instead of this way?

Also, in your code example, how do I redirect accordingly?

The security stuff is way too much to be explained in a forum like this. I'd recommend you get cozy with the WAS Infocenter and the IBM Redbooks site.

That bean is just a little counter. What you do when you notice its value is above your threshold of pain is sort of open ended. If you declare it with a useBean tag on a JSP and check it with a scriptlet then you can do a redirect right there (as long as the headers aren't already commited).

[jrthor2]

buntine,

I was thinking of being able to use an import statement at the top of our pages to import this code so the page can use it. Is that how I would do it with your code? Make it a package and import it in the page?

Thanks for all the help

[buntine]

Yes, you would place a package statement at the top of the file. The file must be in the corresponding directory.

Code:

package handling;
// File is in root/handling

Then you would import the file into another file using the import statement.

Code:

import handling.*;
//or
import handling.ErrorCounter

Regards.

[jrthor2]

Where then do I put where the user should go based on the error count? If th user gets 3 errors, they go to a customer service page, otherwise they return the original page they were on?

[Khalid Ali]

just a quick addition here...if you are importing any libraries,classes in any of Java classes,make sure that you always import exactly what you need such as buntine pu in the post above
import handling.ErrorCounter
imports with a * are not preferred, as a matter of fact is considered extremely bad practice any more in real life...

And one more thing,if you want to use jsp pages,then try to learn struts framework(since you mentioned J2EE as well)
And in a project where you are using J2ee framework,its extremely adivesable to use Struts.

[jrthor2]

We are using the Struts framework

[Khalid Ali]

Originally posted by jrthor2
We are using the Struts framework

not sure how your app works but if the above is true then importing a single class in your jsp page is not a good practice,since this must be taken care of in your Action classes( or may be a filter that all of the pages access)

[jrthor2]

Ok, then what would be a good practice? How would you go about implementing this counter class that can be reusable by multiple pages?

[Khalid Ali]

as you said you are using J2EE framework,so in that you can have a filter of sorts that usually is the entry point for every page in your application. You can implement such functionality in that....

The above suggestion may be true or not..since I have no idea how your actuall application logic is laid out..

[jrthor2]

I'm not quite sure what you mean by having a filter as an entry point. We want a way to capture if the user enters a userid/pw and they don't match or are on file, increment a counter and after 3 bad attempts, be directed to a customer service page.

When you say filter, you mean using page synchronization? We are already going to be using that.

[Khalid Ali]

Here is what should work.
Since you are using struts, I am presuming you have something like this

Login.jsp

LoginAction.java
LoginForm.java

create a variable in the action class say int attemptsCtr = 0;

now when user tries to login, in the action class look for a request variable

request.getParameter("attemptsCtr");
if its not null and has value then convert that value to integer and assign it to
attemptsCtr...
now process that if this value is <3 then increment it by 1 and then reset the request object
attemptsCtr++;
request.setParameter("attemptsCtr",String.valueOf(attemptsCtr ));

else if its equal to 3 then whatever you want to do

I don't like using sessions much so here is the next part...
create a hidden field in the jsp
<input type="hidden" name="attemptsCtr" value="<bean:write name="attemptsCtr"/>"/>

thats about it...