Hi im just wondering how i could improve this to make it secure from either the jsp file itself or external java files.
<html>
<head><title>JSP Page</title></head>
<body>
<jsp:useBean id="user" scope="session" class="shop.UserBean" />
<jsp:useBean id="dataFactory" scope="session" class="data.factory" />
<%
String userName = request.getParameter("userName");
String userPassword = request.getParameter("userPassword");
user.setLogin(dataFactory.getUser(userName,userPassword));
user.setUser(userName);
if (!user.getLogin()) { %>
<jsp:forward page="loginForm.jsp"/>
<%}%>
<jsp:forward page="orderForm.jsp" />
</body>
</html>