aspose file tools
The moose likes JSP and the fly likes prevent direct access after login. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Badass: Making Users Awesome this week in the Game Development forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "prevent direct access after login." Watch "prevent direct access after login." New topic

prevent direct access after login.

Rob Deer

Joined: Jan 10, 2005
Posts: 17
I have a page called login.jsp. Its a html form which allows people to login. After they login successfully, the login html link disappears and the logout link appears. But the problem is that the visitor can type in login.jsp in the address bar and get there manually. Is there a way to prevent that?
sruthi adhuri

Joined: Nov 19, 2005
Posts: 9
You can restrict browser feeds(typing URL manually) by placing your JSP's under /WEB-INF/jsp/ folder. and access using deployment descriptor.
Bear Bibeault
Author and ninkuma

Joined: Jan 10, 2002
Posts: 62272

Firstly, I wonder why you care. Doesn't seem like a big deal to me.

But, if it's something you need to do I'd create a filter that would disallow access to the page when the logged in state is detected.

[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
I agree. Here's the link:
subject: prevent direct access after login.