File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes JSP and the fly likes prevent direct access after login. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "prevent direct access after login." Watch "prevent direct access after login." New topic

prevent direct access after login.

Rob Deer

Joined: Jan 10, 2005
Posts: 17
I have a page called login.jsp. Its a html form which allows people to login. After they login successfully, the login html link disappears and the logout link appears. But the problem is that the visitor can type in login.jsp in the address bar and get there manually. Is there a way to prevent that?
sruthi adhuri

Joined: Nov 19, 2005
Posts: 9
You can restrict browser feeds(typing URL manually) by placing your JSP's under /WEB-INF/jsp/ folder. and access using deployment descriptor.
Bear Bibeault
Author and ninkuma

Joined: Jan 10, 2002
Posts: 60732

Firstly, I wonder why you care. Doesn't seem like a big deal to me.

But, if it's something you need to do I'd create a filter that would disallow access to the page when the logged in state is detected.

[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
I agree. Here's the link:
subject: prevent direct access after login.
Similar Threads
URLs and RequestDispatcher.forward()
How Stop code execution in JSP
bookmark not redirecting to login page
Getting logout to work effectively in jsp
how to redirect to the page where the user come from