You can use servlet to set a session attribute of a request say "login" to true or false by using the password check mehtod you created. Every inner jsp page should get the login attribute and check whether it is true or false. if the login attribute is false or null redirect the page to login page of your application.
The other efficient way of achieving this is by using filters. As any incoming request should and must go through the filter, In the filter you can have the authentication logic which prevents the illegal access of secured pages.
Whatever. Here's a tiny ad:
a bit of art, as a gift, the permaculture playing cards