Dear all,
Currently I'm suffering from a small problem, called Authentication. I'm creating a web application which has an admin module. It works (or is supposed to) as follows:
I have a directory on my webserver, called /admin. This one is supposed to be protected so that authentication is required to access anything inside that directoy. What I did was creating a
servlet mapping in web.xml, something like this:
The actionservlet checks if a user who accesses /admin is logged in. If he isn't, the user(/request?) is forwarded to a login page, on the root of the webserver, called /login.jsp. If the username/password entered there are correct, the user is forwarded to the original page he was requesting (e.g. /admin/main.jsp). If the password is incorrect, the user if redirected to an error page. This works, but the problem is, upon the forwarding to the /admin/main.jsp, the actionservlet is invoked again. This means the actionservlet checks again, but this time the user is logged in. So the actionservlet forwards the request to the main.jsp, and again the actionservlet is invoked, causing a ServletException (after 50 times or something).
Can someone please help me with this?
I'm trying to figure it out for quite a while now, but I have no idea what I'm doing wrong.
Thanks in advance!
Greetings, Erik