• Post Reply Bookmark Topic Watch Topic
  • New Topic

Implementing security  RSS feed

 
Winston Smith
Ranch Hand
Posts: 136
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
Another design question. Assume I have a Security Bean which, among other duties, checks to see if a user is properly logged in on each page load. The user is modeled with an Employee object, within a WebEntity Bean. Now, if a user avoids the login page, and attempts to "cut and paste" a URL to go somewhere else in the application, the Security Bean will recognize that the user is not logged and redirect them to an error page. So, now assume we're in the page mainMenu.jsp. The Security Bean recognizes a user who is not logged and sends the redirect, however, the rest of the code in mainMenu.jsp is still executed on the server-side, so a null pointer exception is thrown because certain Bean components are not initialized properly when the login procedure is not followed. Currently, I'm wrapping the entire page contents in a try / catch.
So to state is simply: Is there any way to stop server-side code from executing if some flag is thrown? Something like System.exit(0) in a normal program?
WS
[ January 23, 2004: Message edited by: Winston Smith ]
 
Frank Carver
Sheriff
Posts: 6920
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Currently, I'm wrapping the entire page contents in a try / catch.
So could you not just wrap the entire page contents in:
<% if (pageOK) { %>
...

<% } %>
?
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!