This week's book giveaway is in the Agile and other Processes forum. We're giving away four copies of The Mikado Method and have Ola Ellnestam and Daniel Brolund on-line! See this thread for details.
Hi, I have a page, "access.jsp that contains a scriplet that redirects to a logon screen if the session is null. But once the user logs on, how do I automatically send them back to "access.jsp"? thanks, kk
Jan Wahlin
Greenhorn
Joined: Sep 12, 2001
Posts: 3
posted
0
Hi, In your scriptlet try something like the following... if(request.getSession(false) == null) { session.setAttribute("origin", request.getRequestURI()); response.sendRedirect("login.jsp"); } And somewhere in your login put something like... // If valid user... if(session.getAttribute("origin")!= null) { response.sendRedirect((String)session.getAttribute("origin")); } Hope this is of some help.
Originally posted by ken knight: Hi, I have a page, "access.jsp that contains a scriplet that redirects to a logon screen if the session is null. But once the user logs on, how do I automatically send them back to "access.jsp"? thanks, kk
ernest fakudze
Ranch Hand
Joined: Aug 27, 2001
Posts: 216
posted
0
Hi Ken! This is simple. Firstly, your 'access.jsp'page forwards the user to 'login.jsp' if the user has not logged in, which is exactly what you are doing and it's fine. Here is what you should do in 'login.jsp': - First validate the user's credentials (userName + pwd) to make sure that user is legit. You do this by goin over the rs loop and comparing. - if they both match the db data then you set a session attribute like this.. session.setAttribute("currentUser,userName). 'UserName is the userNameParam from the form - you then do a jsp forward to 'access.jsp'. <jsp:forward page="access.jsp"/> Simple hey? Tell me if you still have trouble.
In a time of drastic change it is the learners who inherit the future. The learned usually find themselves equipped to live in a world that no longer exists.<br />Eric Hoffer
Even easier than that. There isn't a lot of documentation to be fond at the moment, but app servers are coming out that have this type of security built into them. I'm currently using iPlanet which can have Form Based Security enabled. You configure a login page and login roles for each of your pages then the Application Srver traps access to these pages and sedirects to the login page without you having to write a line of code. After they have logged in they are sent to the page they originally requested. Dave.
ken knight
Greenhorn
Joined: Sep 05, 2001
Posts: 3
posted
0
Thanks for the replies everyone. I'll give it a try. David, I'm currently using JRun as my application server, I'll look and see if it supports a similar functionality. Ken
David.. PLEASE, PLEASE, PLEASE tell me how you got iPlanet authentication to work.
We've been trying to get iPlanet BASIC authentication to work for weeks, and have even opened a support ticket with iPlanet. They suck though, so we were left to 'roll our own'.
Anyone posting to their newsgroups with authentication questions is met with stoney silence.
0
