aspose file tools*
The moose likes JSP and the fly likes How to stay logged in? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "How to stay logged in?" Watch "How to stay logged in?" New topic
Author

How to stay logged in?

Nishant Vashisth
Greenhorn

Joined: Jun 27, 2011
Posts: 23
hey guys i am making a website in jsp !!
and the login is working fine but the problem is when i go to another page and switch back to the login page it again asks to login !!

how to stay logged in like using session or something else !!
help me out please
Louis Bros
Ranch Hand

Joined: Jun 03, 2011
Posts: 54

Hi,

Yes you would have to set a value in the user's session to indicate that they're logged in.

Then in your JSP you could use the JSTL choose tag to either display the login form or not.



OCA7
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61766
    
  67

While using container-managed security would be best, if you are going to roll your own, then it doesn't make any sense to check for it in a JSP.

Firstly, checking in the JSP is too late; by the time a JSP is executed, the controller has done it's job and may have done something that should not be allowed if not logged in, or if the logged-in user doesn't have appropriate permissions/role.

Also, does it make sense to have to put this check into each and every location that's a possible entry point into the application?

Of course not.

Rather, a servlet filter should be employed that can check the authentication for each request before any other code executes.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: How to stay logged in?