For our app, if the user logs in for the first time or if the user's password is 30 days old, we require that they change it immediately logging in. So from the logon action we send them to a password.jsp. But the user should also be able to go to password.jsp anytime after logging in from (just about) any other jsp.
For the former case, we would want to disable any navigation on password.jsp. And for the latter case enable the navigation. How can I distinguish when I should disable the navigation? That is, how do I know that they came from the logon action and not some other jsp? Or should I be using two separate password pages? Thanks. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>