wood burning stoves 2.0*
The moose likes Servlets and the fly likes JSP redirection after session timeout Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "JSP redirection after session timeout" Watch "JSP redirection after session timeout" New topic
Author

JSP redirection after session timeout

ken knight
Greenhorn

Joined: Sep 05, 2001
Posts: 3
Hi,
I have a page, "access.jsp that contains a scriplet that redirects to a logon screen if the session is null. But once the user logs on, how do I automatically send them back to "access.jsp"?
thanks,
kk
Jan Wahlin
Greenhorn

Joined: Sep 12, 2001
Posts: 3
Hi,
In your scriptlet try something like the following...
if(request.getSession(false) == null)
{
session.setAttribute("origin", request.getRequestURI());
response.sendRedirect("login.jsp");
}
And somewhere in your login put something like...
// If valid user...
if(session.getAttribute("origin")!= null)
{
response.sendRedirect((String)session.getAttribute("origin"));
}
Hope this is of some help.
Originally posted by ken knight:
Hi,
I have a page, "access.jsp that contains a scriplet that redirects to a logon screen if the session is null. But once the user logs on, how do I automatically send them back to "access.jsp"?
thanks,
kk

ernest fakudze
Ranch Hand

Joined: Aug 27, 2001
Posts: 216
Hi Ken!
This is simple. Firstly, your 'access.jsp'page forwards the user to 'login.jsp' if the user has not logged in, which is exactly what you are doing and it's fine.
Here is what you should do in 'login.jsp':
- First validate the user's credentials (userName + pwd) to make sure that user is legit. You do this by goin over the rs loop and comparing.
- if they both match the db data then you set a session attribute like this..
session.setAttribute("currentUser,userName).
'UserName is the userNameParam from the form
- you then do a jsp forward to 'access.jsp'.
<jsp:forward page="access.jsp"/>
Simple hey?
Tell me if you still have trouble.


In a time of drastic change it is the learners who inherit the future. The learned usually find themselves equipped to live in a world that no longer exists.<br />Eric Hoffer
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

Even easier than that. There isn't a lot of documentation to be fond at the moment, but app servers are coming out that have this type of security built into them.
I'm currently using iPlanet which can have Form Based Security enabled. You configure a login page and login roles for each of your pages then the Application Srver traps access to these pages and sedirects to the login page without you having to write a line of code. After they have logged in they are sent to the page they originally requested.
Dave.
ken knight
Greenhorn

Joined: Sep 05, 2001
Posts: 3
Thanks for the replies everyone. I'll give it a try. David, I'm currently using JRun as my application server, I'll look and see if it supports a similar functionality.
Ken
Mike Curwen
Ranch Hand

Joined: Feb 20, 2001
Posts: 3695

David..
PLEASE, PLEASE, PLEASE tell me how you got iPlanet authentication to work.

We've been trying to get iPlanet BASIC authentication to work for weeks, and have even opened a support ticket with iPlanet. They suck though, so we were left to 'roll our own'.

Anyone posting to their newsgroups with authentication questions is met with stoney silence.

Thanks for any help...
 
 
subject: JSP redirection after session timeout
 
Similar Threads
Getting session info based on Session Id
Session timeout in struts
Field set in action method coming null in JSP
Session problem in NetBeans
controller or model