You are right whenever we are trying to access the login page directly by url like http://localhost:8080/APPLICATION_NAME/login.jsp
then it is showing error. So we should use http://localhost:8080/APPLICATION_NAME/protected/success.jsp
then automatically it will redirect to the login.jsp page.
This is fine and works great. now my problem is, I don't know whether it is possible or not.
let us say, I'm having two roles like admin and user. ADMIN.jsp is the home page for admin role people and USER.jsp is the home page for the people who have the role called user these two pages are in a folder named "jsp".
for this what i'm doing is after login, the application will redirect to success.jsp, in this jsp i'm checking the roles and redirecting to appropriate home page.
now i'm trying to login with user role and seeing the user.jsp and in the url i'm pasting the follwoing usrl without killing the session.
(Actually this page is for admin users only. remember i'm not loggedin with admin credentials). then i'm seeing the ADMIN page. to prevent this i made a filter which is responsible for killing the current session and redirecting to the success.jsp wheever we are trying to access the pages (any pages) using the urls like above. So my problem i.e loggedin with user credentials and seeing the admin.jsp using (url) has been resolved.
Now the second problem is started, now i'm loggedin with admin credentials http://localhost:8080/protected/success.jsp
or even with the above url (because of filter), so automatically i'm redirecting to ADMIN.jsp.
but in the url i'm seeing http://localhost:8080/protected/success.jsp
only. After logged i'm trying to access the ADMIN.jsp by pasting the follwoing url without logout means without session killing. http://localhost:8080/APPLICATION_NAME/jsp/ADMIN.jsp
. Now also it is redirecting me to login page through the success.jsp url. this is also because of filter. But i want to see the ADMN.jsp page using url (ofcourse after loggedin with admin role). Is it possible. the follwoing is my filter.
and web.xml is
So how can i achieve my requirement.
Thanks again for your valuable time.