Hi All,
I am developing an application that requires secured login where the page
should not be reached without logging.
I have a common jsp that has the following scriptlet.
common.jsp
<%
javax.servlet.http.HttpSession sess = request.getSession(false);
if ( sess.isNew() )
{
System.out.println("Session new");
response.sendRedirect("/login.jsp");
}
else
System.out.println("Session not new");
if ( sess.getValue("user")==null )
{
System.out.println("userid is null");
response.sendRedirect("/login.jsp");
}
%>
I include this jsp in all my other JSP's. When I try to invoke a page
directly by typing the url, I get the above println statements
correctly("Session new" and "userid is null") but still the page is
displayed. The page login.jsp is not displayed. But when I invoke the
common.jsp directly, the control does go to the login.jsp page.
Am I missing something ? Is this possible or I have to include a similar
scriptlet in every jsp that I write.
Thanks in advance
JS
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
