I am using redirect if i am success, and forwarding if failure.
whats the problem was is..since i was using redirect for success....it shows the end URL..so when I type the URL without going and filling out the form( user name and psw) ..its going to success.jsp page. How can i restrict that..and how can i implement.
I'm assuming you're writing a login procedure for your app. One common way to implement this is to place an object in session scope after a successful login. Then, from every page that requires users to be logged in in order to access, check for the existence of that object. If it's null, redirect them to the login page. A ServletFilter makes it easy to apply this logic to all of your pages.