Hi, currently in my jsp, i use the below "ways" to check if the user is loginned, if he is, then it will show the jsp page, else, it will be FORWARDed to login.jsp:
<!-- Check for login status -->
<jsp:useBean id="loginstatus" class="data.LoginStatus" scope="session"/>
d") == null || session.getAttribute("id")
You must login first dude.");
but after reading some reference books, they all said that DO NOT use forward, but use RequestDispatcher.forward instead. Then I come out with an idea of checking if the user is loginned in my servlet, if yes, then use requestdispatcher's forward to the targetted jsp, else, to login page....
but after another careful thought, i realize that the user can directly enter the link to my jsp page (by passing the servlet, eg: http://host/level1/level2/view_critical_data.jsp
).. means they still can view the page even if they aren;t logined!
so, please.. anyone or every experts here, kindly show me the real/professional/correct ways in achieving my "goal"...