If i directly trying to access the ShowMovieServlet without login to a session, the if statement works, that means it dispatches the request to login.jsp. But my problem is whenever the login.jsp page displays, i just click the back button of the browser without trying to login. Then i try to access the ShowMovieServlet again. But this time it will not dispatch the request to login.jsp again.
Why is this happen?
SCJP 5.0<br />SCWCD 1.4<br />Preparing for <b>SCEA</b>.<br /><b>"I prefer an interesting vice to a virtue that bores."</b>
I am guessing because your session is no longer a new session the 2nd time you access the ShowMovieServlet.
The first time you access it, a new session is created and the request is dispatched to the login page:
The second time, you go to the MovieServlet in the same browser the req.getSession() probably returns your the session that was created the previous time and the session.isNew() should return false so it doesn't do the forward. Why would you check to see if someone is logged with with "if (session.isNew())"? Why not set session attribute named loggedIn to true once you authenticate in the login servlet and you can check if the user has logged in using session.getAttribute("loggedIn") in your MovieServlet.
Sreeraj, I understand this may be a frustrating problem for you, but you're starting to come across as rude. This a reminder to be nice.
Now, I have a couple points to make... You should include a null check against userName and dispatch to the login screen if it is missing.
You should also note that JSPs, by default, participate in sessions. Your login.jsp creates a new session when one does not exist every time you access it. You could use one of two ways to get around this. One, you could make the login.jsp into login.html, since there's nothing in it that's JSPish. Or two, you could put this in your login.jsp to keep it from creating a session: <%@page session="false"%> [ December 17, 2006: Message edited by: Marc Peabody ]