GeeCON Prague 2014*
The moose likes Servlets and the fly likes Any Suggestion? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Servlets
Bookmark "Any Suggestion?" Watch "Any Suggestion?" New topic
Author

Any Suggestion?

Chris Goh
Greenhorn

Joined: Aug 23, 2001
Posts: 23
Hi all!
I'm relatively new to JSP and I'm having some doubts doing a login page using jsp.
Say, after a user enters his username and password, the username is used to retrive a password from the database. This password is then compared with the one he enters and if it matches will let the user access *some secret pages*. How can i prevent ppl from accessing the *secret pages* by directly typing the URL in their browsers.

The Greenest Of Horns
Rehan Malik
Ranch Hand

Joined: Jul 09, 2001
Posts: 76
Add the following code to top of "secret pages":
<%
if(session.isNew())
{
response.sendRedirect("http://www.errors.com");
}
%>
[This message has been edited by Rehan Malik (edited August 24, 2001).]


Rehan Malik
Subbu Aswathanarayan
Ranch Hand

Joined: Jun 22, 2001
Posts: 73
hi,
after the user successfully logs on, put an object (probably containing his user id) in to the session.in all ur "secret pages" try to retrieve this object from the session.if u cant, redirect the user to an error page.
hope this helps.
Subbu


Subbu
Chris Goh
Greenhorn

Joined: Aug 23, 2001
Posts: 23
Thanks!!!
 
GeeCON Prague 2014
 
subject: Any Suggestion?