Hi guys, I need a solution asap. I want to ensure that 1 & only 1 client can post to my jsp/servlet. Given Servlet A, Servlet B or any other client on the same machine as Servlet A can post to A. In others words, I need to be able to stop users from saving an html client to the desktop and posting to Servlet A. This is really important.
Derika, You can check the IP address of the client to check whether servlet B is posting to servlet A.
It's a bit trickier to figure out whether the call to servlet A is coming from a client who is viewing something on your web site or dowloaded the page. The easiest way is to put a token in the session on rendering a page and checking it is still there when you get to Servlet A.