1

I am struggling with SQL Server 2005 and JDBC. I have a stored procedure:

set ANSI_NULLS ON
set QUOTED_IDENTIFIER ON
go

ALTER proc [dbo].[sp_logincheck]
    @username as nvarchar(50),
    @password as nvarchar(50)
as
begin
    select * 
    from users 
    where user_name = @username 
      and password = @password 
      and is_active = 'Yes'
end

And my User class is:

import java.sql.*;

public class User {
    private String username;

    private User(String username){
        this.username = username;
    }

    public static User login(String username, char [] password) throws SQLException{
        if(username == null || password == null){
            throw new IllegalArgumentException("Illegal arguments passed to method");
        }
        if(login1(username, password)){
            return new User(username);
        }
        return null;
    }

    private static boolean login1(String username, char [] password) throws SQLException{
        Connection connection = null;
        CallableStatement statement = null;
        try{
            connection = DriverManager.getConnection(AppParameters.dbURL, AppParameters.dbUsername, AppParameters.dbPassword);
        }catch(SQLException e){
            throw e;
        }
        try{
            statement = connection.prepareCall("{ ? = call dbo.sp_logincheck(?,?) }");
            statement.registerOutParameter(1, Types.INTEGER);
            statement.setString(2, username);
            statement.setString(3, new String(password));
            statement.execute();
            if(statement.getInt(1) == 1){
                System.out.println("Login Successfull");
                return true;
            }
            System.out.println("Login Failed");
            return false;
        }catch(SQLException sqle){
            sqle.printStackTrace();
            throw sqle;
        }finally{
            try{
                statement.close();
            }catch(Exception e){
            }
            try{
                connection.close();
            }catch(Exception e){
            }
        }
    }

    public  String getUsername(){
        return username;
    }
}

Calling login() method always prints Login Failed. How can I use stored procedure in SQL Server and using JDBC to perform user login? Or going with raw SQL statements is better? Please guide me on this.

EDIT:

I would also like to know how to get the ResultSet from the above stored procedure, as I have a select query inside the stored procedure.

Improve this question

3 Answers 3

Reset to default
1

Try the following:

ResultSet rs = statement.executeQuery();
if (! rs.isLast()) {
    // match
} else {
    // no match
}

Also, I'd recommend to select only the count (select count(*) as cnt from ...), and use like int count = rs.next().getInt("cnt");

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

its working.. but instead of using if(!rs.isLast()), I am using return rs.next(); it will be fine, right?
1

Try to change select * from users... in your sql statement to select count(*) from users... in the stored procedure .

Otherwise your expression if(statement.getInt(1) == 1){ does not make any sense.

Improve this answer

5 Comments

I did that, but same output :(
Have you restarted you application after altering stored procedure?
Please, add System.out.println(statement.getInt(1)); after statement.execute(); and show us what it prints out.
@Meraman Have you tried ResultSet rs = statement.executeQuery();, and rs.next() - if you have rows, the password matches. Also, I'd recommend to select only the count, and use like int count = rs.getInt("count");
@Andremoniy statement.getInt(1) is always returning 0 for valid or invalid users.
0

If 

statement.getInt(1)
is equals the number of rows resulted or there are at least one row . Then this may be a data mismatch case . No data found

Improve this answer

1 Comment

Reading from the statement has no sense, he could get the value he set for the first parameter of the query, it if were int. You can do it even before calling the query, this will surely not contain any result.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.