...

WebContent/WEB-INF/web.xml

@@ -6,49 +6,49 @@
 		<servlet-name>businessNotesController</servlet-name>
 		<servlet-class>controller.BusinessNotesController</servlet-class>
 		<init-param>
-			<param-name>base</param-name>
+			<param-name>base1</param-name>
 			<param-value>/BusinessNotesWeb/notes</param-value>
 		</init-param>
 		<init-param>
 			<param-name>imageURL</param-name>
 			<param-value>/BusinessNotesWeb/images</param-value>
 		</init-param>
-		<load-on-startup>1</load-on-startup>
+		<load-on-startup>2</load-on-startup>
 	</servlet>
 
 	<servlet>
 		<servlet-name>businessNotesControllerRedirect</servlet-name>
 		<servlet-class>controller.BusinessNotesControllerRedirect</servlet-class>
 		<init-param>
-			<param-name>base</param-name>
+			<param-name>base2</param-name>
 			<param-value>/BusinessNotesWeb/notes/addElement</param-value>
 		</init-param>
 		<init-param>
 			<param-name>imageURL</param-name>
 			<param-value>/BusinessNotesWeb/images</param-value>
 		</init-param>
-		<load-on-startup>1</load-on-startup>
+		<load-on-startup>3</load-on-startup>
 	</servlet>
 
 	<servlet>
 		<servlet-name>businessNotesAjaxServlet</servlet-name>
 		<servlet-class>controller.BusinessNotesAjaxServlet</servlet-class>
 		<init-param>
-			<param-name>base</param-name>
+			<param-name>base3</param-name>
 			<param-value>/BusinessNotesWeb/notes/ajax</param-value>
 		</init-param>
 		<init-param>
 			<param-name>imageURL</param-name>
 			<param-value>/BusinessNotesWeb/images</param-value>
 		</init-param>
-		<load-on-startup>1</load-on-startup>
+		<load-on-startup>4</load-on-startup>
 	</servlet>
 
 	<servlet>
 		<servlet-name>loginServlet</servlet-name>
 		<servlet-class>controller.LoginServlet</servlet-class>
 		<init-param>
-			<param-name>base</param-name>
+			<param-name>base4</param-name>
 			<param-value>/BusinessNotesWeb/notes/login</param-value>
 		</init-param>
 		<init-param>

WebContent/jsp/dynamicNavBar.jsp

@@ -67,7 +67,7 @@
 
                 </ul>
                 <ul class="nav navbar-nav navbar-right">
-                    <li><a href="/BusinessNotesWeb/notes/login?logout">Logout</a></li>
+                    <li><a href="/BusinessNotesWeb/notes/login?logout=sth">Logout</a></li>
                 </ul>
             </div>
         </div>

WebContent/jsp/login.jsp

@@ -26,8 +26,8 @@
   			%>
   		</div>
 
-  		<form class="form-horizontal" role="form" action="login" method="POST">
-  		<input type="hidden" name="nextStep" id="nextStep" value=""/>
+  		<form name="login" id="login" class="form-horizontal" 
+  			role="form" action="login" method="POST">
     		<div class="form-group">
       			<label class="control-label col-sm-2" for="username">User Name:</label>
      			<div class="col-sm-10">          

src/controller/BusinessNotesController.java

@@ -39,9 +39,9 @@
 public class BusinessNotesController extends HttpServlet {
 
 	private static final String BASE = "/jsp/";
+	private static final BusinessLookUp lookupService = new BusinessLookUp();
 	private String url;
 	private Service service;
-	private BusinessLookUp lookupService = new BusinessLookUp();
 
 	@Override
 	public void init(ServletConfig config) throws ServletException {
@@ -66,22 +66,24 @@ protected void doPost(HttpServletRequest request,
 			HttpServletResponse response) throws ServletException, IOException {
 
 		if(request.getSession().getAttribute("username") == null) {
-			response.sendRedirect("notes/login");
+			response.sendRedirect(request.getContextPath() + "/notes/login");
 			return;
+		} else {
+
+
+			String nextStep = request.getParameter("nextStep");
+			RequestDispatcher requestDispatcher;
+			if (nextStep == null) {
+				nextStep = "homePage";
+			}
+			service = lookupService.getBusinessService(nextStep);
+			service.execute(request, response);
+
+			url = BASE + request.getAttribute("url");
+			requestDispatcher = getServletContext().
+					getRequestDispatcher(url);
+			requestDispatcher.forward(request, response);
 		}
 
-		String nextStep = request.getParameter("nextStep");
-		RequestDispatcher requestDispatcher;
-		if (nextStep == null) {
-			nextStep = "homePage";
-		}
-		service = lookupService.getBusinessService(nextStep);
-		service.execute(request, response);
-
-		url = BASE + request.getAttribute("url");
-		requestDispatcher = getServletContext().
-				getRequestDispatcher(url);
-		requestDispatcher.forward(request, response);
-
 	}
 }

src/controller/LoginServlet.java

@@ -1,43 +1,54 @@
 package controller;
 
 import java.io.IOException;
+import java.util.ArrayList;
 import java.util.Hashtable;
+import java.util.List;
 import java.util.Map;
 
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
-//@WebServlet(
-//		name = "loginServlet",
-//		urlPatterns = "notes/login"
-//		)
+import utils.DBUtil;
+import dao.MenuDAO;
+import dao.MenuDAOImpl;
+import dao.UserDAO;
+import dao.UserDAOImpl;
+import model.MenuVO;
+import model.UserVO;
+
+@WebServlet(
+		name = "loginServlet",
+		urlPatterns = "notes/login"
+		)
 
 public class LoginServlet extends HttpServlet {
 
-	private static final Map<String, String> userDatabase = new Hashtable<>();
+	private static final UserDAO userDao = 
+			new UserDAOImpl(DBUtil.getConnection(), null);
 
-	static {
-		userDatabase.put("111", "password");
-		userDatabase.put("112", "password");
-		userDatabase.put("113", "password");
-		userDatabase.put("114", "password");
+	@Override
+	public void init(ServletConfig config) throws ServletException {
 	}
 
 	@Override
 	protected void doGet(HttpServletRequest request, HttpServletResponse response) 
 		throws ServletException, IOException {
 
 		HttpSession session = request.getSession();
-		if(session.getAttribute("username") != null) {
+		if(request.getParameter("logout") != null) {
 			session.invalidate();
-			response.sendRedirect("login");
+			response.sendRedirect(request.getContextPath() + "/notes/login");
 			return;
 		} else if(session.getAttribute("username") != null){
-			response.sendRedirect("notes");
+			response.sendRedirect(request.getContextPath() + "/notes");
 			return;
 		}
 		request.setAttribute("loginFailed", false);
@@ -57,14 +68,21 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response)
 		String username = request.getParameter("username");
 		String password = request.getParameter("password");
 		if(username == null || password == null ||
-				!LoginServlet.userDatabase.containsKey(username) ||
-				!password.equals(LoginServlet.userDatabase.get(username))) {
+				username.isEmpty() || password.isEmpty()) {  
 			request.setAttribute("loginFailed", true);
 			request.getRequestDispatcher("/jsp/login.jsp").forward(request, response);
 		} else {
-			session.setAttribute("username", username);
-			request.changeSessionId();
-			response.sendRedirect(request.getContextPath() + "/notes");
+			UserVO user = userDao.getUserByUsernameId(username);
+			if(user != null && username.equals(user.getUserName()) &&
+					password.equals(user.getPassword())) {
+				session.setAttribute("username", username);
+				session.setAttribute("profile", user.getProfile().desc());
+				request.changeSessionId();
+				response.sendRedirect(request.getContextPath() + "/notes");
+			} else {
+				request.setAttribute("loginFailed", true);
+				request.getRequestDispatcher("/jsp/login.jsp").forward(request, response);
+			}
 		}
 	}
 

src/dao/UserDAO.java

@@ -6,5 +6,6 @@
 public interface UserDAO extends DAO{
 
 	UserVO getUserById(Integer userId);
+	UserVO getUserByUsernameId(String username);
 
 }

src/dao/UserDAOImpl.java

@@ -4,16 +4,11 @@
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
-import java.util.List;
-import java.util.Map;
 
 import javax.servlet.http.HttpSession;
 
-import persistence.DDBBProduct;
-import persistence.DDBBUser;
-import model.MenuVO;
-import model.ProductVO;
 import model.UserVO;
+import persistence.DDBBUser;
 
 public class UserDAOImpl extends DAOImpl implements UserDAO {
 
@@ -51,13 +46,40 @@ public UserVO getUserById(Integer userId) {
 		PreparedStatement statement = null;
 		ResultSet resultSet = null;
 
-		UserVO user = new UserVO();
+		UserVO user = null;
+		DDBBUser ddbbUser = new DDBBUser();
+		try {
+			statement = connection.prepareStatement(sql);
+			resultSet = statement.executeQuery();
+			if(resultSet.next()) {
+				user = new UserVO();
+				ddbbUser.loadResult(resultSet);
+				user.setFromPersistenceObject(ddbbUser);
+			}
+		} catch (SQLException ex) {
+			ex.printStackTrace();
+		} finally {
+			closeStmtAndRs(statement, resultSet);
+		}
+		return user;
+	}
+
+	@Override
+	public UserVO getUserByUsernameId(String username) {
+		String sql = "select * from user where USERNAME LIKE '" + username + "'";
+		PreparedStatement statement = null;
+		ResultSet resultSet = null;
+
+		UserVO user = null;
 		DDBBUser ddbbUser = new DDBBUser();
 		try {
 			statement = connection.prepareStatement(sql);
 			resultSet = statement.executeQuery();
-			ddbbUser.loadResult(resultSet);
-			user.setFromPersistenceObject(ddbbUser);
+			if(resultSet.next()) {
+				ddbbUser.loadResult(resultSet);
+				user = new UserVO();
+				user.setFromPersistenceObject(ddbbUser);
+			}
 		} catch (SQLException ex) {
 			ex.printStackTrace();
 		} finally {

src/persistence/DDBBUser.java

@@ -99,7 +99,7 @@ public void loadResult(ResultSet rs) throws SQLException {
 		}
 		setFirstName(rs.getString("FIRST_NAME"));
 		setLastName(rs.getString("LAST_NAME"));
-		setUserName(rs.getString("USER_NAME"));
+		setUserName(rs.getString("USERNAME"));
 		setPassword(rs.getString("PASSWORD"));
 		setProfile(rs.getString("PROFILE"));
 	}