Solved

Prevent user from accesing a page, if not logged in.

Posted on 2002-07-16
2
158 Views
Last Modified: 2010-04-01

I have a html page which does a POST to a servlet with userid and password. After the servlet authenticates the information against a db, I store the user object in the session.

HttpSession session = request.getSession(true);
session.setAttribute("user", globalUser);

Then I use

RequestDispatcher dispatcher = getServletContext().getRequestDispatcher("welcome.jsp");
dispatcher.forward(request,response);

to show the welcome page.

In the Welcome page,

<jsp:useBean id="user" class="com.sbali.mydb.objects.User" scope="session"/>

<TABLE BORDER=1 ALIGN="CENTER">
<TR><TD>First Name</TD>
<TD><jsp:getProperty name="user" property="firstName"/>
</TD></TR>

I display the user info.

The problem is, how do I prevent the user from accessing  welcome.jsp directly. If I hit it directly, the server instantiates the bean and now I have a User object with no property set.

I could write a scriptlet, but then I have to put the code to show the properties using out.println() instead of using xml syntax. I want to try and keep the presentation layer separate from the logic.

I am new to JSP, so I am most probably not doing things the right way.

TIA
S Bali



0
Comment
Question by:SKBali
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 52

Accepted Solution

by:
Ryan Chong earned 50 total points
ID: 7158818
Try:

if (session.getAttribute("user")!=null) {
  //valid login user
}
else {
  //invalid login user
}
0
 
LVL 18

Expert Comment

by:bobbit31
ID: 7185411
typically, i hide all my jsps in the WEB-INF/jsp and disallow any outside access to that directory. Therefore the only way to get at it is to go through the servlet first.

0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
Learn why we support net neutrality and why the topic is important to all internet users.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question