Win a copy of Penetration Testing Basics this week in the Security forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Session-based authentication

scottie zman
Ranch Hand
Posts: 40
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm developing some intranet apps in JSP and need to build a login checker mechanism. Here's what I want to do:
on each page, include loginCheck.jsp.
logincheck simply looks for a session variable, accessLevel. if it is null or not high enough for that page, it should redirect to login.jsp
sounds simple. but whenever I try a jsp:forward or a sendRedirect, I get an error regarding page buffering. I've even put the jsp:forward at the _very first_ line of code, and it still gets the error.
can someone help me out: please explain why it's causing the error when the forward command is on the first line of code and where does the page _really_ begin writing itself out to the browser. Also, if there are any tutorials available on doing this then a link would be appreciatred, or if anyone has created a better solution to managing session-based authentication, I'd love to hear about it. I'm an ASP veteran moving into JSP, so I'm all ears (and eyes) for new ways of doing the same old things.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic