we have been doing this by chking the session variables and then if not
logged in then redirect to login pages


smthg like this in html page wud wrk

</java><java>
 HttpSession session = request.getSession(true);
if(session.getValue("Person") ==null) {
session.putValue("ErrorMessage","user not logged in");
   response.sendRedirect(loginURL);
  }
</java>
----- Original Message -----
From: gsuresh <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, June 05, 2000 4:21 PM
Subject: regarding web security..


> Hi all,
>   Currently i am working in providing security for Intranet of the
company.  I
> am using Jigsaw for developement.
>   Intranet has 100's of pages, I don't want anyone to  view any of the
pages
> withou logging into the servlet.  Now if the user knows the url of any of
the
> page directly he is able to view that by directly typing in that.
> for ex:
>   If my login servlet is list http://example:8001/servlet/IntranetMain and
if
> the user types in this and does the operations he is able to view the
pages.
> But if he know the url of the particular page then he can directly typin
as
> http://example:80011/servlet/xxx/xx/yy.html
> which also displays him the page directly.
> I need immediate reply from any one whose has idea about this, i am in
urgent
> need of the solution.
> with regards,
> suresh kumar.G
>
>
>
___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

Reply via email to