i have two jsp pages.login.jsp and second.jsp .after verifying the login.jsp with database i have to enter into the 2nd jsp page.but,if i type http://localhost:8080/project/second.jsp it was appearing with out validating in login.jsp. how can i make second.jsp not visible with out login page validations.
please help me.
[ October 13, 2008: Message edited by: rajesh chowdary ]
You can put second.jsp under security constraint in the web.xml config file.
In other words by making second.jsp page, an authorized page you can restraint
that page to be accessed without login. This way, direct access to this page will redirect the user to the login page setup by you.
Form based authentication
Firstly are you using only JSP's to do the work with no controllers in between?
If yes then consider reworking your design so that it follows the MVC 2 architecture.
Otherwise there will be more of such patch-up problems.
Hope this helps