How to set request.getParameter in jsp:setProperty

Question

I used beans/form processing to take input parameters on login screen and then with those parameters try and log the user into the application.

However I am getting

Answer 1

Here,

<jsp:setProperty name="db" property="userName" value="<%=request.getParameter("userName")%>"/>
<jsp:setProperty name="db" property="password" value="<%=request.getParameter("password")%>"/>

you're attempting to mix scriptlets and taglibs. This is invalid. Use the one or the other. When the userName would contain a doublequote like foo"bar then the value of the JSP tag will basically end up like value="foo"bar". This is syntactically invalid.

Since scriptlets is a dead technology, I'd suggest to just get rid of it altogether. The proper way would be to use EL. In EL, all request parameters are available as a Map<String, String> through the implicit variable ${param}. Make use of it.

<jsp:setProperty name="db" property="userName" value="${param.userName}"/>
<jsp:setProperty name="db" property="password" value="${param.password}"/>

Alternatively, you can also let JSP automagically set all properties as below when all parameter names are the same as property names anyway:

<jsp:setProperty name="db" property="*"/>