How to save into sql server database without user and password

Question

I want to save data in sql server database without username or password. the code example is given bellow. Can anyone explain the cause of not save the data into database? Thank in advance. Please help me

<%
       String username = request.getParameter("username");
       String password = request.getParameter("password");

       try  
       {
           Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
           String url = "jdbc:sqlserver://localhost:1433;databaseName=azan";
           Connection con = null;
           con = DriverManager.getConnection(url);
           Statement st = con.createStatement();
           String sql = "INSERT INTO huzaifa (username,password) VALUES ('"+username+"','"+password+"')";
           st.executeUpdate(sql);
           con.close();


       }catch (Exception ex)
       {
       System.out.print(ex);
       }//

   %>

Answer 1

The only way you can do this is using JNDI Bound Datasource in the server. In general the way it works as follows:

1. Configure a datasource in the server. The username and password are part of the configuration.
2. The datasources is bound to to JNDI tree.
3. The datasource can be looked up into JNDI tree and from there a connection can be obtained.
4. Once you have the connection, you can fire queries.

Here is an example of how to do this in Tomcat.

Answer 2

I suggest you to move the database operation code in a Servlet rather than doing in JSP.

If you really you want to do in JSP as well then try to avoid Scriplet.

Use JSP Standard Tag Library and JSP Expression Language instead of using Scriplet that is more easy to manage and less error prone. Use SQL Tag Library that provides JSTL SQL tags for accessing databases in JSP.

sample code:

<sql:setDataSource var="dataSource" 
    driver="com.microsoft.sqlserver.jdbc.SQLServerDriver"
    url="jdbc:sqlserver://localhost:1433;databaseName=azan" user=""
    password="" />

<sql:update dataSource="${dataSource}"
    sql="INSERT INTO huzaifa (username,password) VALUES ( values(?,?)">
    <sql:param value="${param.username}" />
    <sql:param value="${param.password}" />
</sql:update>

Answer 3

First let me understand your question. You are getting 2 values from the parameter and save it in database. Now you are trying to save the values without the column names?am i right?. If this is the case, then you just use the INSERT command without column names.

e.g INSERT INTO table_name VALUES (value1,value2,value3,...);

Or else, If you want to save a value in Database without giving the Authentication Username and Password, Its not possible, I hope..

Answer 4

From a SQL Server perspective, if you don't wish to state the username and password in your application connection, you would need to use integrated security which passes the logged in user or user context that is configured in your web server.

I am not a java developer but have located the following specific to what you are trying to do and is hopefully helpful.

http://social.msdn.microsoft.com/Forums/sqlserver/en-US/3d8da2ca-4efb-41d6-bb08-b7193cf49753/jdbc-integrated-security-problem?forum=sqldataaccess