aspose file tools*
The moose likes JSP and the fly likes Session code doesn't get executed in jsp Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Session code doesn Watch "Session code doesn New topic
Author

Session code doesn't get executed in jsp

Jigar Naik
Ranch Hand

Joined: Dec 12, 2006
Posts: 759
Hi have 5 jsp

my first login.jsp which contans 2 fields userid and password and a login button on submit of the login auth.jsp will get called which check for the username and password if the username and password is correct it will execute the following code



and if everything is allrite than it will redirect to home.jsp

my home.jsp



my home1.jsp



same as home2.jsp and so on...

But when i go directly to home.jsp or home2.jsp using address bar of my browser it is not checking for session

and also in my console there is no output for following line...which is in mu home.jsp,home1.jsp and home2.jsp



is there any perticuler reason for this behaviour ??? If i'm using the wrong technique what is the right technique to prevent user from accessing internal pages without going through login page ???

thanks in advance
[ February 28, 2007: Message edited by: Jigar Naik ]

Jigar Naik


Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61772
    
  67

Originally posted by Jigar Naik:
If i'm using the wrong technique what is the right technique to prevent user from accessing internal pages without going through login page ?


Filters.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Jigar Naik
Ranch Hand

Joined: Dec 12, 2006
Posts: 759
Thanks
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61772
    
  67

A search will turn up lots of good resources. But the premise is pretty simple: a filter that is invoked for all protected resources determines if an authentication token is present on the session. If so, the filter allows the requested resource to proceeed. If not, it forwards or redirects to a login page.

Upon successful login, the token is placed on the session. Upon logout it is removed. A session timout automatically emulates a logout.

One of the great benefits is that you don't need to put any goo on the pages themselves.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Session code doesn't get executed in jsp