• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Checking for a logged in user in all jsp pages

 
Ranch Hand
Posts: 285
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I got an app that I am trying to build. What is the best way to check on all
my pages if the user is logged in and if he is not kick him to a login page or to a page that says you are not logged in?
In my case, logged in would consist of a user object in a session.
 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I assume you first make some decision if the user should be logged in or not, such as password verification.
Once you decide the user is logged in, you can add an attribute to the session.
For example, if you have some variable 'user' that references some User object:

Then at the top of each page you need to enforce that the user is logged in:

Note: response.sendRedirct(url) must be called before anything is written to the reponse
[ April 08, 2004: Message edited by: Hans Sponger ]
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Rather than polluting each page with such processing, look into writing a servlet filter to perform such checks.
 
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
or have a look at the authentication built into application servers. You'll want to look at basic or form-based authentication. This is declaritive rather than programatic, so you don't need to worry about writing the same code into all of your JSPs.
Dave
 
Ranch Hand
Posts: 87
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm handling this type of problem using one central servlet. As soon as a form is submitted, the servlet checks the name of the form, the button clicked by the user and then it decides which page should be showed. But before this happens, each time I do a check whether I have a session containing a user :
private String controleerSessieEnGebruiker ( HttpServletRequest request)
{
String requestedPage = null ;
HttpSession session = request.getSession(false);
if (session == null) requestedPage = ERROR_PAGE;
else {
Gebruiker gebruiker = (Gebruiker) session.getAttribute("gebruiker");
if (gebruiker == null)
{
requestedPage = ERROR_PAGE;
Uitzondering uitzondering = new Uitzonderin(2,0, "gebruiker onbekend");
session.setAttribute("uitzondering", uitzondering);
} /* gebruiker == null */
} /* session != null */
return requestedPage;
} /* controleerSessieEnGebruiker */
reply
    Bookmark Topic Watch Topic
  • New Topic