USE CASE

PROBLEM STATEMENT
Validated Login for Employee management JSP: Company ABC planned to create a
website for maintaining employee details. Login page need to be designed with
username, password and captcha. Username is their mail-id and password should
contain at-least 1-Uppercase alphabet, 1-special character, 1- lower alphabet. Design
the page using front end and server scripting with client / server validation. Use the
technologies: HTML5, CSS5, JavaScript, JSP.

AIM: To design a secure login system for employee management using JSP, ensuring
user authentication with email and password complexity validation.

ALGORITHM:
1. **Frontend Design:**
1. Create an HTML file for the login page layout.
2. Include input fields for email, password, and captcha.
3. Add labels and placeholders for each input field.
4. Use CSS for styling the login form to enhance the user experience.

2. **Client-Side Validation:**
1. Write JavaScript functions to validate the email format.
2. Implement password complexity validation using regular expressions.
3. Ensure all required fields are filled before form submission.
4. Display appropriate error messages for invalid input.

3. **Backend Implementation (Server-Side):**

1. Create a JSP file (e.g., `login.jsp`) to handle form submission.
2. Retrieve the email and password parameters from the request object.
3. Validate the email format and password complexity.
 4. Compare user-provided credentials with stored credentials (e.g., in a database or
hardcoded values).

4. **Database Integration (Optional):**

1. If using a database, establish a connection using JDBC.
2. Retrieve stored credentials for comparison during login validation.
3. Implement SQL queries to fetch user details from the database.

5. **Authentication and Error Handling:**

1. Authenticate the user by comparing credentials.
2. If credentials are valid, redirect to the dashboard or home page.
3. If credentials are invalid, display appropriate error messages.
4. Handle exceptions and errors gracefully to provide a smooth user experience.

6. **Security Measures:**
1. Implement encryption for password storage (if storing passwords).
2. Sanitize input data to prevent SQL injection and XSS attacks.
3. Implement measures to prevent brute force attacks (e.g., rate limiting,
CAPTCHA).

7. **Testing:**
1. Test the login system thoroughly with various scenarios.
2. Test positive cases (valid login), negative cases (invalid login), and edge cases
(empty fields, incorrect formats).
3. Ensure the system behaves as expected and handles errors appropriately.

8. **Deployment:**
1. Deploy the login system to a secure server environment.
2. Monitor the system for security vulnerabilities and performance issues.
 3. Regularly update and maintain the system to address any security patches or
updates.

PROGRAM

login.jsp:

<!DOCTYPE html>
<html>
<head>
<title>Login</title>
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="login-container">
<h2>Login</h2>
<form action="validateLogin.jsp" method="post" onsubmit="return validateForm()">
<div class="form-group">
<label for="email">Email:</label>
<input type="email" id="email" name="email" required>
</div>
<div class="form-group">
<label for="password">Password:</label>
<input type="password" id="password" name="password" required>
</div>
<div class="form-group">
<label for="captcha">Captcha:</label>
<!-- Add your captcha code here -->
</div>
<button type="submit">Login</button>
 </form>
</div>

<script src="script.js"></script>
</body>
</html>

validateLogin.jsp:

<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-

8"%>
<%@ page import="java.util.regex.Pattern"%>
<%@ page import="java.util.regex.Matcher"%>
<%@ page import="java.io.*"%>

<%
// Dummy user credentials for demonstration
String validEmail = "[email protected]";
String validPassword = "Password@123";

// Retrieve user input

String email = request.getParameter("email");
String password = request.getParameter("password");

// Validate email and password

if (email.equals(validEmail) && password.equals(validPassword)) {
// Redirect to dashboard or home page upon successful login
response.sendRedirect("dashboard.jsp");
} else {
// Handle invalid login (e.g., display error message)
out.println("<h2>Invalid email or password. Please try again.</h2>")
 }
%>

script.js:

function validateForm() {
var password = document.getElementById("password").value;

// Password complexity validation

var passwordPattern = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-
z\d@$!%*?&]{8,}$/;
if (!passwordPattern.test(password)) {
alert("Password must contain at least 8 characters, including at least one uppercase
letter, one lowercase letter, one number, and one special character.");
return false;
}
return true;
}

style.css:
.login-container {
width: 300px;
margin: 0 auto;
padding: 20px;
border: 1px solid #ccc;
border-radius: 5px;
}

.form-group {
margin-bottom: 15px;
}
label {
display: block;
margin-bottom: 5px;
}

input[type="text"],
input[type="email"],
input[type="password"] {
width: 100%;
padding: 10px;
border-radius: 5px;
border: 1px solid #ccc;
}

button {
padding: 10px 20px;
background-color: #007bff;
color: #fff;
border: none;
border-radius: 5px;
cursor: pointer;
}

button:hover {
background-color: #0056b3;
}
RESULT: HENCE,THE PROGRAM To design a secure login system for
employee management using JSP, ensuring user authentication with email and
password complexity validation.