Hi,
You have any sample code for checking the session object, should anyone tries to
access any servlet?
Thank you.
Ravi K U wrote:
> there are several ways to do this.
> 1) Craete a session object after succesful login and check for the validity of the
> session object in every servlet. So if anybody tries to access any servlet other
> than login servlet ,access will be denied as he won't be having a session object
>
> 2) Few Servers like Apache/Jserv gives a blocking mechanism for the servlets. You
> can set the properties of the servlets in such a way that only request from
> specific IP can access your servlet. Set that IP for non-Login servelt to your
> Servers IP and no one else can acess it
>
> ofcourse there are other ways
>
> gsuresh wrote:
>
> > Hi all,
> > Currently i am working in providing security for Intranet of the company. I
> > am using Jigsaw for developement.
> > Intranet has 100's of pages, I don't want anyone to view any of the pages
> > withou logging into the servlet. Now if the user knows the url of any of the
> > page directly he is able to view that by directly typing in that.
> > for ex:
> > If my login servlet is list http://example:8001/servlet/IntranetMain and if
> > the user types in this and does the operations he is able to view the pages.
> > But if he know the url of the particular page then he can directly typin as
> > http://example:80011/servlet/xxx/xx/yy.html
> > which also displays him the page directly.
> > I need immediate reply from any one whose has idea about this, i am in urgent
> > need of the solution.
> > with regards,
> > suresh kumar.G
> >
> > ___________________________________________________________________________
> > To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> > of the message "signoff SERVLET-INTEREST".
> >
> > Archives: http://archives.java.sun.com/archives/servlet-interest.html
> > Resources: http://java.sun.com/products/servlet/external-resources.html
> > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
> ___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
