But also, doing it this way (with no tags in the page), you are allowing a
non-logged in user to see the JSP page. In some cases this is unacceptable,
and you must have a tag at the top of each page that checks to see if the
user is logged in.
Bill Hines
Hershey Foods.
-----Original Message-----
From: Sachin S. Khanna [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 20, 2001 1:54 AM
To: [EMAIL PROTECTED]
Subject: Re: Check security for userID & password
Two ways of doing it depending on which architecture model are you using
Assuming you have a Login Bean which would hold the user name and password
which is placed into the users session when the user successfully logs in.
If you are using the Model 2 architecture keep a check (an if statement) in
the controller servlet which would try to get the Login Bean from the users
session (using the getAttribute() method ). If it returns null then redirect
the user to the login page, if not give him the access.
In case you are using the Model 1 architecture, you would need to place the
check (an if statement) in every jsp page that requires the user to be
logged in.
Have a nice day.
With regards,
Sachin S. Khanna.
www.emailanorder.com
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
