wood burning stoves*
The moose likes JSP and the fly likes prevent direct access after login. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "prevent direct access after login." Watch "prevent direct access after login." New topic
Author

prevent direct access after login.

Rob Deer
Greenhorn

Joined: Jan 10, 2005
Posts: 17
I have a page called login.jsp. Its a html form which allows people to login. After they login successfully, the login html link disappears and the logout link appears. But the problem is that the visitor can type in login.jsp in the address bar and get there manually. Is there a way to prevent that?
sruthi adhuri
Greenhorn

Joined: Nov 19, 2005
Posts: 9
You can restrict browser feeds(typing URL manually) by placing your JSP's under /WEB-INF/jsp/ folder. and access using deployment descriptor.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60804
    
  65

Firstly, I wonder why you care. Doesn't seem like a big deal to me.

But, if it's something you need to do I'd create a filter that would disallow access to the page when the logged in state is detected.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
 
 
subject: prevent direct access after login.
 
Similar Threads
How Stop code execution in JSP
URLs and RequestDispatcher.forward()
bookmark not redirecting to login page
Getting logout to work effectively in jsp
how to redirect to the page where the user come from