we have been doing this by chking the session variables and then if not
logged in then redirect to login pages
smthg like this in html page wud wrk
</java><java>
HttpSession session = request.getSession(true);
if(session.getValue("Person") ==null) {
session.putValue("ErrorMessage","user not logged in");
response.sendRedirect(loginURL);
}
</java>
----- Original Message -----
From: gsuresh <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, June 05, 2000 4:21 PM
Subject: regarding web security..
> Hi all,
> Currently i am working in providing security for Intranet of the
company. I
> am using Jigsaw for developement.
> Intranet has 100's of pages, I don't want anyone to view any of the
pages
> withou logging into the servlet. Now if the user knows the url of any of
the
> page directly he is able to view that by directly typing in that.
> for ex:
> If my login servlet is list http://example:8001/servlet/IntranetMain and
if
> the user types in this and does the operations he is able to view the
pages.
> But if he know the url of the particular page then he can directly typin
as
> http://example:80011/servlet/xxx/xx/yy.html
> which also displays him the page directly.
> I need immediate reply from any one whose has idea about this, i am in
urgent
> need of the solution.
> with regards,
> suresh kumar.G
>
>
>
___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html