Session code doesn't get executed in jsp

Hi have 5 jsp

my first login.jsp which contans 2 fields userid and password and a login button on submit of the login auth.jsp will get called which check for the username and password if the username and password is correct it will execute the following code

and if everything is allrite than it will redirect to home.jsp

my home.jsp

my home1.jsp

same as home2.jsp and so on...

But when i go directly to home.jsp or home2.jsp using address bar of my browser it is not checking for session

and also in my console there is no output for following line...which is in mu home.jsp,home1.jsp and home2.jsp

is there any perticuler reason for this behaviour ??? If i'm using the wrong technique what is the right technique to prevent user from accessing internal pages without going through login page ???

thanks in advance

[ February 28, 2007: Message edited by: Jigar Naik ]

Originally posted by Jigar Naik:
If i'm using the wrong technique what is the right technique to prevent user from accessing internal pages without going through login page ?

Filters.

Thanks

A search will turn up lots of good resources. But the premise is pretty simple: a filter that is invoked for all protected resources determines if an authentication token is present on the session. If so, the filter allows the requested resource to proceeed. If not, it forwards or redirects to a login page.

Upon successful login, the token is placed on the session. Upon logout it is removed. A session timout automatically emulates a logout.

One of the great benefits is that you don't need to put any goo on the pages themselves.