What HTTP error code should I use?

Navigation
0

The project has a login page with two fields one email and another one that is your password! I have a javaweb application and in the deployment descriptor I have some declared error pages, which are related to the errors made by the users, with these error pages I forward them to custom pages informing the respective problem! These two are famous: 

    <error-page>
        <error-code>404</error-code>
        <location>/WEB-INF/ErroPaginaNaoEncontrada.jsp</location>
    </error-page>
    <error-page>
        <error-code>500</error-code>
        <location>/WEB-INF/ErroLogin.jsp</location>
    </error-page>

The first, 404, page not found is ok.

The second, 500, login error has a small defect, I do not know if it is a mistake of mine, when the user puts his wrong email and the password is right, the application is all right! As he entered his incorrect email the error is picked up by the application and the client is forwarded to a page saying that he has put the wrong email! But if it puts the correct email and the wrong password the error is not captured by the application, I do not know what to do. What status code should I place to capture this exact password error? or what is the most viable solution? I've tried some of the line 400 up to 500, but nothing! Here is my Login servlet: 

public class Login extends HttpServlet {

    private UsuarioDAOInterface usuarioDAO = DAOFactory.createFactory(NomeBanco.DAO_BD).criarUsuarioDAO();

    public void doGet(HttpServletRequest request,
            HttpServletResponse response)
            throws ServletException, IOException {

        doPost(request, response);
    }

    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        request.setCharacterEncoding("UTF-8");

        String email = request.getParameter("email");
        String senha = request.getParameter("senha");


        UsuarioBean usuario = new UsuarioBean();

        usuario = usuarioDAO.selecionarPorEmail(email);
        HttpSession session = request.getSession();
        session.setAttribute("usuario", usuario);


        if (usuario.getEmail().equals(email) && usuario.getSenha().equals(senha)) {

            RequestDispatcher dispatcher
                    = request.getRequestDispatcher("Home.jsp");

            dispatcher.forward(request, response);
        }

    }
}
    
asked by anonymous 08.01.2016 / 17:45

1 answer

1

Hello, @Pena,

As you did not go into details of how your application is implementing the login, I will speak only of HTTP. When a user accesses a resource that he does not have due access to, the HTTP CODE for this is 403.

You could do something like this: 

<error-page>
    <error-code>403</error-code>
    <location>/WEB-INF/ogin.jsp?msg=Usuário sem direito de acesso</location>
  </error-page>

If you have a problem implementing your login logic, we'll be here to try to help, just ask a new question.

Follow the Status Code link: link

    
08.01.2016 / 22:49
Doubt about development environment LAMP with Vagrant and provision with Puppet Disappearing two divs with jquery