Get the tools you need to learn Java skills fast!
Video tutorials, eBooks, hands-on lab exercises, sample code.
Get started
The moose likes Servlets and the fly likes Access Control Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of The Software Craftsman this week in the Agile forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Access Control" Watch "Access Control" New topic

Access Control

Luiz Pereira

Joined: Mar 18, 2004
Posts: 6
I have an application into the intranet that pass for its the user in header request, I save in session and I use this information for access control on others pages.
I need that when an user logged out from intranet, visit others site and if he try access the application again, paste the url in browser, the system show message "Access Denied".

Mike Nightsky
Ranch Hand

Joined: Aug 18, 2001
Posts: 48
you could the a session explicitly that it is invalid (HttpSerssion.invalidate()).
Then you could remove the objects from the session.
then remove the athenticating header and send a redirect (response.sendRedirect()) to the loginpage
Then the user should be logged out safely.

Win the opportunity to make money on the Internet<br /><a href="" target="_blank" rel="nofollow"></a>
Ali Gohar
Ranch Hand

Joined: Mar 18, 2004
Posts: 572
See FilterServlet. It can surely help you.
Bear Bibeault
Author and ninkuma

Joined: Jan 10, 2002
Posts: 62298

Actually it's javax.servlet.Filter. You can use filters to determine if a request requires validation or any other kind of request pre- (or post-) processing.

[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
subject: Access Control