错误

启动应用程序时出现问题 . 它抱怨：

org.apache.jasper.servlet.TldScanner.scanJars至少有一个JAR被扫描用于尚未包含TLD的TLD . 为此 Logger 启用调试日志记录，以获取已扫描但未在其中找到TLD的完整JAR列表 . 在扫描期间跳过不需要的JAR可以缩短启动时间和JSP编译时间 .

有一个link to screenshot output

一些源文件：

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
          http://java.sun.com/xml/ns/javaee/web-app_3_1.xsd"
           version="3.1">

    <resource-ref>
        <description>DB Connection</description>
        <res-ref-name>jdbc/users</res-ref-name>
        <res-type>javax.sql.DataSource</res-type>
        <res-auth>Container</res-auth>
    </resource-ref>

    <context-param>
        <param-name>javax.faces.CONFIG_FILES</param-name>
        <param-value>/WEB-INF/context.xml</param-value>
    </context-param>
    <servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.xhtml</url-pattern>
    </servlet-mapping>
</web-app>

context.xml

<?xml version="1.0" encoding="UTF-8"?>
<Context>
    <Resource name="jdbc/users"
              global="jdbc/users"
              auth="Container"
              type="javax.sql.DataSource"
              username="root"
              password="admin"
              driverClassName="com.mysql.jdbc.Driver"
              url="jdbc:mysql://localhost:3306/users" />
</Context>

InputServlet

package pl.javastart.prepared.servlet;

import java.io.IOException;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

import javax.naming.Context;
import javax.naming.InitialContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;

@WebServlet("/InputServlet")
public class InputServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    protected void doGet(HttpServletRequest request,
                         HttpServletResponse response) throws ServletException, IOException {
        doPost(request, response);
    }

    protected void doPost(HttpServletRequest request,
                          HttpServletResponse response) throws ServletException, IOException {

        Connection conn = null;
        ResultSet resultSet = null;
        Statement statement = null;

        try {
            Context initialContext = new InitialContext();
            Context envContext = (Context) initialContext
                    .lookup("java:comp/env");
            DataSource ds = (DataSource) envContext.lookup("jdbc/users");
            conn = ds.getConnection();

            statement = conn.createStatement();
            String username = request.getParameter("username");
            String password = request.getParameter("password");
            // pass2" OR '1'='1'; --
            final String sqlQuery = "SELECT username, password FROM user WHERE "
                    +"username=" + "\"" + username + "\" "
                    +"AND "
                    +"password=" + "\"" + password + "\";";
            System.out.println(sqlQuery);
            resultSet = statement.executeQuery(sqlQuery);

            if(resultSet.next()) {
                String userFound = resultSet.getString("username");
                request.getSession().setAttribute("username", userFound);
                if("admin".equals(userFound)) {
                    request.getSession().setAttribute("privigiles", "all");
                } else{
                    request.getSession().setAttribute("privigiles", "view");
                }
            } else {
                request.getSession().setAttribute("username", "Nieznajomy");
                request.getSession().setAttribute("privigiles", "none");
            }
            request.getRequestDispatcher("result.jsp").forward(request, response);
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            try {
                resultSet.close();
                statement.close();
                conn.close();
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
    }

}

result.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"
         pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <title>Insert title here</title>
</head>
<body>
<h1>Welcome <%= session.getAttribute("username") %></h1>
<h2>Your privigiles: <%= session.getAttribute("privigiles") %></h2>
</body>
</html>

index.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"
         pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  <title>Log in</title>
</head>
<body>
<h1>Log in</h1>
<form action="InputServlet" method="post">
  <input type="text" placeHolder="Username" name="username">
  <br>
  <input type="password" placeHolder="Password" name="password">
  <br>
  <input type="submit" value="Zaloguj">
</form>
</body>
</html>

早期版本的Tomcat的解决方案在这里不起作用

1 回答

在web.xml中添加servlet映射：

<servlet>
    <servlet-name>InputServlet</servlet-name>
    <servlet-class>pl.javastart.prepared.servlet.InputServlet</servlet-class>
</servlet>
<servlet-mapping>
    <servlet-name>InputServlet</servlet-name>
    <url-pattern>/*</url-pattern>
</servlet-mapping>

回复于 2024-04-20T06:44:53+08:00

JavaEE / Tomcat 9.0.0 / IntellijIdea 2016.2：至少有一个JAR被扫描用于尚未包含TLD的TLD

错误

一些源文件：

1 回答

相关问题