Hi All,
I am developing an application that requires secured login where the page
should not be reached without logging.
I have a common jsp that has the following scriptlet and also includes the
logo and other header information that has to be displayed.
common.jsp
<%
javax.servlet.http.HttpSession sess = request.getSession(false);
if ( sess.isNew() )
{
System.out.println("Session new");
response.sendRedirect("/login.jsp");
return;
}
else
System.out.println("Session not new");
if ( sess.getValue("user")==null )
{
System.out.println("userid is null");
response.sendRedirect("/login.jsp");
return;
}
%>
I include this jsp in all my other JSP's as
<jsp:include page="/body.jsp" flush="true" />
When I try to invoke a page directly by typing the url, I get the above
println statements
correctly("Session new" and "userid is null"), the included common.jsp page
is not displayed but the rest of the page is displayed. The conrol doesn't
go to the login.jsp. But when I invoke the common.jsp directly, the control
does go to the login.jsp page.
Am I missing something ? Is this possible or I have to include a similar
scriptlet in every jsp that I write.
Thanks in advance
JS
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
