[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Setting and getting values from one servlet to another....

Posted on 2004-08-08
6
Medium Priority
?
326 Views
Last Modified: 2013-11-24
Hi,

I would like to achieve an ability to restict the user to access certain pages withing my application by simply typing their urls in the browser. Here is what I have:

JSP A and Servlet A
JSP B and Servlet B
JSP C.

I want to set a variable String key="some sequence of characters" within servlet B from servlet A or JSP C. If the user will access JSP B it will check if the key is set in servlet B by calling getKey() method. If it is set then it will allow user to see the content of the page otherwise it will display an error message. Also, upon verification of the key it should set it back to null or "".  This way if the user will try to access JSP B he will fail. The only way for him to access JSP B would be by redirecting from servlet A or JSP C.

Please help with concreate examples! Thank you in advance!

Gene.
0
Comment
Question by:brige03
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 35

Accepted Solution

by:
girionis earned 1600 total points
ID: 11750378
Why do you want to do it programamtically? All server provide a way to restrict access to certain pages by means of the web.xml file. You can define roles and what role can access what page, for example the following restricts access to pages, user1.htm, user2.htm and user3.htm:

<security-constraint>
            <web-resource-collection>
                  <web-resource-name>Moderator</web-resource-name>
                  <description>We restrict access to all resources within the /MyWebApp/jsp/documents/moderatorscreen web resources</description>
                  <!--<url-pattern>/MyWebApp/jsp/documents/moderatorscreen/*</url-pattern>-->
                  <url-pattern>user1.htm</url-pattern>
                  <url-pattern>user2.htm</url-pattern>
                  <url-pattern>user3.htm</url-pattern>
                  <http-method>POST</http-method>
                  <http-method>GET</http-method>
            </web-resource-collection>
            <auth-constraint>
                  <description>Only let the moderator login</description>
                  <role-name>ModeratorRole</role-name>
            </auth-constraint>
            <user-data-constraint>
                  <description>SSL not required</description>
                  <transport-guarantee>NONE</transport-guarantee>
            </user-data-constraint>
      </security-constraint>

If you still want to do it programmatically I suggest you use a session variable. For example in ServletA or JSPC you can do something like:

String key = "dfgdfgdfgkdh1212jh121298dsfh"
session = request.getSession();
session.setAttribute("secretKey", key);

In ServletB or JSP B check to see if the key exists:

session = request.getSession();
String key = (String) session.getAttribute("secretKey");
if (key != null && key.equals("dfgdfgdfgkdh1212jh121298dsfh"))
{
    // user came from the pages we wanted
}
else
{
   // user didn't come from the pages we wanted, redirect user to somewhere else.
}
0
 

Author Comment

by:brige03
ID: 11754105
I will give it a try sometime today and will come back with a feedback.

Can I do something like this in servlet context? If yes, what some of the advantages or disadvantages using one method over the other?

I am also want to use ramdom function generator for the key value. So how can I validate the key then? And where? Please advise...

The first portion of the answer will not be applicable since all my users will use one role. Thank you!

Gene.

0
 
LVL 15

Expert Comment

by:JakobA
ID: 11756874
You cannot do it through shared variables in servlets only. Remember there may be 100 users viewing your pages at the same time. and each of them can have a different type of access. That is not possible if they read their accessprivilidges from a shared variable.

With the session approach suggested by girionis, an additional persistent object is generated for each user, and variables in that object can then be acessd by any servlet that user activate.

regards JakobA
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:brige03
ID: 11757043
You are right! It makes sense...

So then I will set the attribute and get it from the session.
Also, I probably will set it to null right after I verified it and got a positive answer:

 session = request.getSession();
String key = (String) session.getAttribute("secretKey");
if (key != null && key.equals("dfgdfgdfgkdh1212jh121298dsfh"))
{
    // user came from the pages we wanted
session.setAttribute("secretKey",null);
break;
}
else
{
   // user didn't come from the pages we wanted, redirect user to somewhere else.
}

Thanks guys!
0
 
LVL 35

Expert Comment

by:girionis
ID: 11759933
Thank you for accepting :)
0
 

Expert Comment

by:Udaya_Sankar_Das
ID: 22774124
JSP
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Java had always been an easily readable and understandable language.  Some relatively recent changes in the language seem to be changing this pretty fast, and anyone that had not seen any Java code for the last 5 years will possibly have issues unde…
Are you developing a Java application and want to create Excel Spreadsheets? You have come to the right place, this article will describe how you can create Excel Spreadsheets from a Java Application. For the purposes of this article, I will be u…
Viewers will learn about the different types of variables in Java and how to declare them. Decide the type of variable desired: Put the keyword corresponding to the type of variable in front of the variable name: Use the equal sign to assign a v…
Viewers will learn about if statements in Java and their use The if statement: The condition required to create an if statement: Variations of if statements: An example using if statements:
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question