Check for userid . and if thats not available redirect him to login page .
this is how we do it
userID and role is in session
if ((session.getValue("userId") == null) || (session.getValue("role") ==
null))
{
%> <jsp:forward page="../../user/Login2.jsp"></jsp:forward>
<%
} else
{
strUserId = (String)session.getValue("userId");
strUserRole = (String)session.getValue("role");
}
trust this will help u
BR
----- Original Message -----
From: "Sebastien Cesbron" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, February 19, 2001 11:42 PM
Subject: Re: [JSP-INTEREST] Check security for userID & password
> But, even if you are using the Model2 architecture, the user can access
> directly the other JSP pages by writing the URL in his navigator. So how
> do you handle this problem without scriplet ?
>
> Seb
>
> >
> > Two ways of doing it depending on which architecture model are you
> using
> > Assuming you have a Login Bean which would hold the user name and
> password
> > which is placed into the users session when the user successfully logs
> in.
> > If you are using the Model 2 architecture keep a check (an if
> statement) in
> > the controller servlet which would try to get the Login Bean from the
> users
> > session (using the getAttribute() method ). If it returns null then
> redirect
> > the user to the login page, if not give him the access.
> > In case you are using the Model 1 architecture, you would need to
> place the
> > check (an if statement) in every jsp page that requires the user to be
> > logged in.
> > Have a nice day.
> > With regards,
> > Sachin S. Khanna.
> > www.emailanorder.com
> >
> > ----- Original Message -----
> > From: Thuy Murphy <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Tuesday, February 20, 2001 1:42 AM
> > Subject: Check security for userID & password
> >
> > > I need help on how to keep user id & password so I can check to make
> sure
> > if
> > > somone select a page without login it will display login page and
> ask the
> > > user to enter user name & password. I know that we can keep them in
> > session
> > > (how?)... I also know the session will be expired in 30 minutes or
> so...
> > If
> > > you know how to solve this problem, please reply the answer I will
> be
> > > appriciated.
> > >
> > > Thanks in advance!!
>
> ________________________________________________________________________
> ______
> ifrance.com, l'email gratuit le plus complet de l'Internet !
> vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
> http://www.ifrance.com/_reloc/email.emailif
>
> ========================================================================
> ===
> To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
> JSP-INTEREST".
> For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
> DIGEST".
> Some relevant FAQs on JSP/Servlets can be found at:
>
> http://java.sun.com/products/jsp/faq.html
> http://www.esperanto.org.nz/jsp/jspfaq.html
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
