By the statement of your question your purpose is to implement security. So keep in mind that in Java EE, containers are responsible for providing application security.
A container basically provides two types of security: declarative and programmatic. And it is good practice, whenever possible, to avoid reinventing the wheel at the risk of failing to take advantage of the language features it provides.
Consider the following:
The login form must contain fields for entering a username and password. These fields should be named j_username and j_password, respectively. The authentication form must post these values to the logical name j_security_check.
All of these names beginning with j_ are standardized by the Java Servlet specification - we just need to follow the convention to allow the automatic mechanisms to work. [ Michal Cmil et al - 2014 , 310 p.]
I believe that in your case, change your form as follows:
<form method="post" action="j_security_check" >
<input type="text" name="j_username" >
<input type="password" name="j_password">
<input type="submit" name="submit">
<!-- Declaração de variaveis -->
<%!String logdefault = "admin";
String passdefault = "admin"; %>
<%
String login = null;
String password = null;
/**
* Procure evitar misturar lógica na camada de apresentação.
* Isso fere o designer Pattern MVC - Lógica fica no Controller.
*/
if(request.getParameter("login") != null
&& request.getParameter("password") != null){
login = request.getParameter("login");
password = request.getParameter("password");
if(login.equals("admin") && password.equals("admin")){
response.sendRedirect("index.jsp");
System.out.println("deu certo");
}else{
System.out.println("algo deu errado");
}
}
%>
</form>
Comment : I understand that this is experimentation code, however, it is common sense to avoid implementing logic in the presentation layer. This hurts the MVC designer pattern.
If you need to implement some logic in the presentation layer, the correct one would be to use Expression Language - EL.
The link between a JSF page and a Java support bean is made through EL. You can use EL statements to print the value of variables, access the attributes of objects on a page, or invoke a support bean method. [ Gonçalves, Antonio - 2013 , 321 p.]
The basic syntax for an EL statement is # {expr}
Declarations # {expr} will be parsed and evaluated by the JSF runtime. EL expressions can use most of the usual Java operators.
- Arithmetic: +, -, *, / (div),% (mod),
- Relational: == (eq),! = (ne), < (lt), > (gt), < = (le), > = (ge),
- Logical: & & (e), || (or),! (not), and
- Other: (), empty, [],.
I hope I have helped.
Note : More security details: here .
Reference :
[Juneau, Josh - 2013], Apress, © 2013, # : A Problem-Solution Approach - Proven Solutions for Java Enterprise Edition 7 Developement
[Gonçalves, Antonio - 2013] , Apress, © 2013, Beginning Java EE 7 (Expert Voice in Java)
[JSR 196 - JASPIC], JSR 196 - JASPIC : JavaTM Authentication Service Provider for Containers
[Anjana Mankale - 2013], Copyright © 2013 Packt Publishing, Spring Security 3.x Cookbook : Over 60 recipes to help you securely secure your web applications with Spring Security.
[Michal Cmil et al - 201 4], Copyright © 2014 Packt Publishing, Java EE 7 Development with WildFly : Leverage the power of the WildFly application server from JBoss to develop modern Java EE 7 applications.
