Ya, I was thinking about using such an approach, but I didn't like the idea of adding a check to every page (or even a static included header page). Sounds like it's unavoidable though.
thanks. ..peter -----Original Message----- From: Damon Torgerson [mailto:[EMAIL PROTECTED]] Sent: Monday, June 10, 2002 7:00 PM To: [EMAIL PROTECTED] Subject: Re: [JBoss-user] (no subject) Peter If you're using JSPs a good example can be found in Advanced Java Server Pages by Geary. He uses a custom tag to check a session attribute and if the attribute is missing/wrong it forwards the browser to a page. You include the tag on all of the pages you wish to be secure. Damon On Mon, 2002-06-10 at 16:34, Peter Luttrell wrote: > I have a secure webapp that uses form based authentication. > > After a successfull login I need to check a flag and then potentially > forward to a special page where the user is forced to change their password. > > Does anybody know how to do this? > > thanks. > ..peter > > > > _______________________________________________________________ > > Don't miss the 2002 Sprint PCS Application Developer's Conference > August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm? source=osdntextlink > > _______________________________________________ > JBoss-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/jboss-user -- Ranksix Solutions Inc. [EMAIL PROTECTED] 250.514.6616 _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm? source=osdntextlink _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user