Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

JSP Login and redirect

Posted on 2005-04-28
4
Medium Priority
?
664 Views
Last Modified: 2008-02-01
I am developing a website.
the user should login before going inside any page of the website. however, if the user has type the page url explicitly in the browser, it will redirect to the login page and then if he login successfully it will redirect to that page the user has key in.

my problem is that :
user hasn't login , user enter "cusRefFormFtyServ.jsp?RDocID=C0000015&ReadOnly=true&InfoPage=FtyServ&LastPage=MyRefOut&LastSubPage=MyRefOut" in the browser, then it redirect to "login.jsp", user has successfully login, then it redirect to "cusRefFormFtyServ.jsp". the parameters are lost. Would somebody please tell me how to solve this problem ?
0
Comment
Question by:mikekwok
4 Comments
 
LVL 6

Accepted Solution

by:
dorothy2 earned 400 total points
ID: 13891641
The parameters are lost because you had a new request, and the request parameters from that request are probably userid and password. You can solve your immediate problem by putting the values into a session variable. Think through what you want to be session variables, because the session variables will last until (1) you, the developer, clear them out; or (2) the user closes the browser. If you're not careful about removing them once you are done, you end up using a lot of memory for stuff you don't need.

You might want to pass your parameters through hidden fields rather than appending them to the URL string. This will keep your URL string manageable and avoid future security problems if a hacker decides to substitute another jsp page for "MyRefOut".

Good luck,

Dorothy
0
 

Author Comment

by:mikekwok
ID: 13891686
Would you please teach me how to put the parameters into hidden field ? would u please give me an example ?
0
 
LVL 11

Expert Comment

by:Manish
ID: 13892086
>>how to put the parameters into hidden field ? would u please give me an example
<input type=hidden name="parameterName" value="parameterValue">


Ru redirecting page.?or forwarding ..if u forward I think ur parameter will not lost,,

U can also store ur value in session..
session.setAttribute("Name","value");..for storing
session.getAttribute("Name")..for retriving..
session.removeAttribute("Name")  for removing..

Karan
0
 
LVL 16

Expert Comment

by:suprapto45
ID: 13892585
Hi,

For login, I still recommend you to use session as what karanw suggest. This is the best way I can think of and I apply it into my project too. So you can check whether your session is null or not. If it is NOT null, it means that the user is login successfully and you should not redirect them. However, if it is null then you need to redirect them to login page.

So when the user log-in successfully, you should store their information into session.
session.setAttribute("Name","value");..for storing

Codes
-------
if (session.getAttribute("Name") != null)
{
    // do not redirect
}
else
{
    // redirect to login page
}

Regards
Dave
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
Tech giants such as Amazon and Google have sold Alexa and Echo to such an extent that they have become household names. And soon they are expected to be used by commoners in their homes, ordering takeout, picking out a song, answering trivia questio…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
Suggested Courses
Course of the Month20 days, 19 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question