File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Servlets and the fly likes problem by bookmarking the page Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "problem by bookmarking the page" Watch "problem by bookmarking the page" New topic
Author

problem by bookmarking the page

sachin dabhade
Ranch Hand

Joined: Mar 10, 2001
Posts: 73
Hello all,
i have jsp program which accepts user name and password.
if the user is valid i am redirecting the user to my login page(login.jsp)
the program is working fine but the problem is that if i book mark the page,the user can access it without any authentication.
how can i avoid the access of my file(login.jsp) to the user with out authentication?
is there any method by which i can avoid my page to be bookmarked?

Brian Nice
Ranch Hand

Joined: Nov 02, 2000
Posts: 195
At the top of each page that you do not want anyone to access with first logging in, put some code that checks some session variables that hold the username and password. If they have values, then they have logged in.
So when a person bookmarks the page and comes into a page with that code at the top, it will notice that there is nothing in the session and not allow them access, and can redirect them somewhere else appropriately.
Note that the above code to check the session can be put in its own JSP page, and then be included by any page that needs it. That way all your code is in one place.
HTH
Brian
 
Don't get me started about those stupid light bulbs.
 
subject: problem by bookmarking the page
 
Similar Threads
How to create a session-scoped user profile bean at login?
How to implement authentication for each jsp page
file download-user authentication-window close
Configuring Successful login page in Websphere Security
Need help in j_security_check based authentication