If you are using HTTP authentication,
javax.servlet.http.HttpServletRequest.getRemoteUser() provides the remote
userid, or login.jsp could store the userid in the session -- this could be
used to provide the page from a single URL (i.e. myPage.jsp) instead of a
user-specific URL (one.jsp, two.jsp, ...) and have myPage.jsp send the
appropriate contents based on the user id.
Chris
> -----Original Message-----
> From: Srini Sathya. [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, July 12, 2000 12:28 PM
> To: [EMAIL PROTECTED]
> Subject: How to handle session across multiple users
>
>
> Hi all,
>
> I have a login.jsp page which creates a session and put some values in it.
> Depending upon the login i need to create the jsp pages in the fly. I
> have
> 3 different types of jsp pages to be created for example:
>
> if the user name is one then i will create one.jsp
> if the user name is two then i need to create two.jsp etc.,
>
> My problem is that since i am creating the session in the login.jsp a user
> who logged as one can now able to access the details of the two too.
>
> I have restricted in the main page of all the users whether a session
> exists
> and then if not asking them to login. But now one user is logging as one
> and he can able to change from one to two. How to prevent this??. Should
> i
> create multiple sessions or is there any workaround for this.
>
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
