This week's book giveaway is in the Agile and other Processes forum. We're giving away four copies of The Mikado Method and have Ola Ellnestam and Daniel Brolund on-line! See this thread for details.
Hello all, i have jsp program which accepts user name and password. if the user is valid i am redirecting the user to my login page(login.jsp) the program is working fine but the problem is that if i book mark the page,the user can access it without any authentication. how can i avoid the access of my file(login.jsp) to the user with out authentication? is there any method by which i can avoid my page to be bookmarked?
Brian Nice
Ranch Hand
Joined: Nov 02, 2000
Posts: 195
posted
0
At the top of each page that you do not want anyone to access with first logging in, put some code that checks some session variables that hold the username and password. If they have values, then they have logged in. So when a person bookmarks the page and comes into a page with that code at the top, it will notice that there is nothing in the session and not allow them access, and can redirect them somewhere else appropriately. Note that the above code to check the session can be put in its own JSP page, and then be included by any page that needs it. That way all your code is in one place. HTH Brian
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to
run our stuff on 16 servers instead of 3.
0
