Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

JSP redirection after session timeout

 
ken knight
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I have a page, "access.jsp that contains a scriplet that redirects to a logon screen if the session is null. But once the user logs on, how do I automatically send them back to "access.jsp"?
thanks,
kk
 
Jan Wahlin
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
In your scriptlet try something like the following...
if(request.getSession(false) == null)
{
session.setAttribute("origin", request.getRequestURI());
response.sendRedirect("login.jsp");
}
And somewhere in your login put something like...
// If valid user...
if(session.getAttribute("origin")!= null)
{
response.sendRedirect((String)session.getAttribute("origin"));
}
Hope this is of some help.
Originally posted by ken knight:
Hi,
I have a page, "access.jsp that contains a scriplet that redirects to a logon screen if the session is null. But once the user logs on, how do I automatically send them back to "access.jsp"?
thanks,
kk

 
ernest fakudze
Ranch Hand
Posts: 216
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ken!
This is simple. Firstly, your 'access.jsp'page forwards the user to 'login.jsp' if the user has not logged in, which is exactly what you are doing and it's fine.
Here is what you should do in 'login.jsp':
- First validate the user's credentials (userName + pwd) to make sure that user is legit. You do this by goin over the rs loop and comparing.
- if they both match the db data then you set a session attribute like this..
session.setAttribute("currentUser,userName).
'UserName is the userNameParam from the form
- you then do a jsp forward to 'access.jsp'.
<jsp:forward page="access.jsp"/>
Simple hey?
Tell me if you still have trouble.
 
David O'Meara
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Even easier than that. There isn't a lot of documentation to be fond at the moment, but app servers are coming out that have this type of security built into them.
I'm currently using iPlanet which can have Form Based Security enabled. You configure a login page and login roles for each of your pages then the Application Srver traps access to these pages and sedirects to the login page without you having to write a line of code. After they have logged in they are sent to the page they originally requested.
Dave.
 
ken knight
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the replies everyone. I'll give it a try. David, I'm currently using JRun as my application server, I'll look and see if it supports a similar functionality.
Ken
 
Mike Curwen
Ranch Hand
Posts: 3695
IntelliJ IDE Java Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
David..
PLEASE, PLEASE, PLEASE tell me how you got iPlanet authentication to work.

We've been trying to get iPlanet BASIC authentication to work for weeks, and have even opened a support ticket with iPlanet. They suck though, so we were left to 'roll our own'.

Anyone posting to their newsgroups with authentication questions is met with stoney silence.

Thanks for any help...
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic