stackoom
  简体   繁体   中英

how to block a user login in servlet jsp program if he/she entered wrong password more than 3 times

 原文  2013-12-12 14:23:28       java/ jsp/ servlets/ spring-mvc

Question

How to block a user log in in servlet jsp program if he/she entered wrong password more
then 3 times can any one please explain with an example?
i have tried with client side programming using cookies in html 5. 

{<script>
   if(typeof(Storage)!=="undefined")
   {
     var attempt= localStorage. attempt+1;

     document.getElementById("attempt").innerHTML="attempt" + localStorage.attempt;
   }
</script>}

3 answers

solution1
 0  2013-12-12 14:30:21

Its not a good approach to do this in the Client side since you have no control over there. You should do this in your server side (servlet / jsp).

You can start using the following concepts:

  • A session created by your server has a unique id session.getId() .
  • Your server is responsible for the proper session management on an application.
  • You can count how many times that session has tried the login process by storing a value on the session variable to count the login attempts by session.setAttribute() method.

Combining the above concepts you can create your own process and business logic

solution2
 0  2013-12-12 14:57:29

If you are using form authentication that you define as follows 

<login-config>
     <auth-method>FORM</auth-method>
     <form-login-config>
             <form-login-page>/login.html</form-login-page>
             <form-error-page>/errors/retry.jsp</form-error-page>
     </form-login-config>
</login-config>

Then you could track the number of attempts in the retry.jsp page. That is, each time a user enters the wrong login details the container redirects to the user to the retry.jsp page. On this page a counter stored in the session is incremented by one until it reaches the limit of 3 time when the user is redirected to another page say that no more reties are allowed.

solution3
 0  2013-12-12 17:34:02

The HTML5 localstorage will be dependent on the client and will not work across all version of browsers. You should essentially code this logic on the server. Use the request.getSession() to fetch the session and on every attempt just increase the retryAttempt variable by 1 and set it in the session. You need to check it in a filter or a servlet.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question how can the user be redirected to the target page after he/she login Java: How to ask user if he/she wants to continue program How to check in JSP Servlet if a password has been entered three times wrongly? How do I ask the user when he/she wants to quit the program How to ask user if he/she wants to quit the program and print out the thank you message in Java Write a Java program that asks the user if he/she likes Java programming Login Authentication using JDBC and JSP : How to check if the username and Password entered by the user exists in the Database? Java: How to ask the user if he/she wants to play again How to tell the user the days he/she inputted is already reserved? How to redirect the user to the intended page with the details he want to modify in jsp servlet?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM