Hi,
I have a good handle on the basic principles of MVC (
JSP = View;
Servlet = Controller; Bean = Model) but I'm confused about a number of issues:
1. Links in JSP. Should all of them go through the controller servlet, even if they are just links from one JSP to another with no change in business logic / model?
2. When a user goes to a secure page I need to enforce a logon if they are not already logged on. At the moment I have some code in a JSP that checks to see if a session variable is set, and if it isn't it does a redirect:
=====
sLoggedIn = (
String) session.getAttribute("LoggedIn");
if (sLoggedIn == null)
{
RequestDispatcher dispatcher = request.getRequestDispatcher("Main? action=login");
dispatcher.forward(request, response);
}
=====
FYI, my controller servlet is called "Main".
In the controller servlet I check for action equals "login" and then redirect to login.jsp on a match.
Is this a good approach?
How should I pass data between the code that checks to see if the user is logged in, the controller servlet and the login.jsp page? I'd like the user to be returned to the secure page that they tried to access when they were forced to login. For example:
1. User tries to access "buy.jsp"
2. User is not logged in so they are redirected (through the controller servlet) to login.jsp
3. They enter their username and password and the form is submitted to the controller servlet.
4. The controler servlet validates the user against a database.
5. If the login fails the user if redirected to login.jsp and gets an error messages. Jump to step 3.
6. If the login is successful then a session variable is set to show that they are logged in, and then they are redirected to buy.jsp
Any help you can give me would be fantastic. I'm tearing me hair out trying to do this development the "right" way.
Thanks
Darren.