Send parameters from JSP to Servlet using POST

Question

I am building a simple web app and attempting to create a login page. The page consists of a JSP with a form which loads a Servlet.

I have got the form working using the GET method:

JSP looks like this:

<form method="get" action="Login">
Email:<input name="email"/>
Password:<input name="password"/>
<input type="Submit" value="Log in"/>

And in the Servlet:

@WebServlet(name = "Login", urlPatterns = {"/Login"})
public class Login extends HttpServlet {

/**
* Processes requests for both HTTP
* <code>GET</code> and
* <code>POST</code> methods.
*
* @param request servlet request
* @param response servlet response
* @throws ServletException if a servlet-specific error occurs
* @throws IOException if an I/O error occurs
*/
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");

//Assign variables from the request parameters
String loginFormEmail = request.getParameter("email");
String loginFormPassword = request.getParameter("password");

This code works but it includes the username and password in the URL string, so it's obviously not good practice. I have attempted to do this using POST instead but I've been getting an error. (HTTP Status 405 - HTTP method POST is not supported by this URL)

I need to know how to send parameters from the JSP to the Servlet using POST. I think this may involve using RequestDispatcher object, but all the tutorials I've found explain using RequestDispatcher to send data from the Servlet to the JSP, not the other way around. Can you/should you use Request Dispatcher to send POST data from the JSP to the Servlet? And how to you access these parameters from the Servlet? (Is there an equivalent of request.getParameter() for POST?)

I understand that using POST still won't be secure, but it is a lot better practice than including the password in the query string, and I will think about security later.

Apologies for the basic question, I have found lots of tutorials online but none of them seem to answer this specific question. Thank you.

See answer for this question: stackoverflow.com/questions/2349633/servlets-doget-and-dopost — Eugene Loy
The error I get when using POST is HTTP Status 405 - HTTP method POST is not supported by this URL — Jon
Please put a little bit more research effort. You could just have copypasted " HTTP Status 405 - HTTP method POST is not supported by this URL" into the Google search input field or even just here on Stack Overflow (on the right top). — BalusC

NilsH NilsH · Accepted Answer · 2013-05-21T12:58:12

Try

<form method="POST" action="Login>

Note: method instead of type for specifying GET/POST.

But it's not really any more "secure" than using GET. They are still available in clear text in the post body. If you want it to be secure, make sure you use HTTPS.

Edit

You have edited your question now, and it appears that you are using method, not type. So if you still have errors after changing it to POST, specify what error you are getting.

Edit2

You specify that you are getting a HTTP method POST is not supported by this URL error. This means that your servlet does not accept the POST method. Which most likely means that you are inheriting some base servlet that only accepts GET. Seeing all of the code for the servlet would be helpful.

Send parameters from JSP to Servlet using POST

5 Answers