This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
You can use servlet to set a session attribute of a request say "login" to true or false by using the password check mehtod you created. Every inner jsp page should get the login attribute and check whether it is true or false. if the login attribute is false or null redirect the page to login page of your application.
The other efficient way of achieving this is by using filters. As any incoming request should and must go through the filter, In the filter you can have the authentication logic which prevents the illegal access of secured pages.