Here follows one of the Techniques which found in the FAQ. This one looks like a
good one.
******************
On every page which must be authenticated, I check for a user ID in the
session object - if it doesn't exit, I do a redirect to a login page, passing the
url
the user was trying to access as a parameter.
On the login page, if the user successfully logs in, I create a session for
him/her, and add the user ID to the session. I then redirect back to the original
page the user tried to access. This way, even if the user bookmarks a page,
he/she will be asked to login once the session has become invalid.
Some code:
On every page I add the following:
HttpSession session = request.getSession(true);
if (session.getValue("CustomerID") == null) {
response.sendRedirect (response.encodeRedirectUrl
("Login.jsp?Origin=SharePortfolio.jsp"));
}
else {
// the rest of the page ...
In Login.jsp once the user has provided the correct logon credentials:
session.putValue("CustomerID", CustomerID);
response.sendRedirect(response.encodeRedirectUrl(request.getParameter("Origin")));
******************
This Solution is part of JSP FAQ at http://www.esperanto.org.nz/jsp/jspfaq.html
(Solution 29)
Hope this helps.
Thanks
Sudhir
[EMAIL PROTECTED]
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
