Krzysztof;
It's all in the session. If you make all your content
go through an "authenticating" check before they are
passed on to any toher service, you can redirect the
user to the login page if they are not authenticated.
So when a user authenticates in the login page, you
place a USER object in their session. This will
subsequently allow that session to flow uninterrupted
to other pages.
Every time a request is submitted, check to see if
that session has a valid USER object. If not, redirect
the user to the login page.
//Nicholas
--- onet-servlets <[EMAIL PROTECTED]> wrote:
> Hello,
>
> How can I ensure exactly one entry to my web
> application - through an 'authentication page' ?
>
> What should I do to make other pages directly
> inaccessible ?
>
>
>
> Krzysztof Marcinowicz
>
>
=====
"Suzie, Suzie, Suzie, Suzie
Suzie, Suzie Greenberg"
Suzie Greenberg, Phish
--
Nicholas Whitehead
__________________________________________________
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
