Forums Register Login

ServletRequest Attributes

+Pie Number of slices to send: Send
I'm reorganizing my JSPs and would like to implement a Servlet that I have that authenticates my users. After authenticated, I'd like to use the RequestDispatcher to go to a JSP page. From that JSP page, I need to be able to check whether or not the user was authenticated and I was thinking of using the request attributes. Is this approach secure? Can a hacker add attributes to the request, or can this only be done from within my servlet?
+Pie Number of slices to send: Send
Scoped variables in the various scopes are safe from hackers. Anything is possible with enough determination, but it'd take hacking into the server to make such mischief...

With regards to your plan: frequently a servlet filter is used to check for authentication, and authentication information is usually stored in the session.
I am a man of mystery. Mostly because of this tiny ad:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com


reply
reply
This thread has been viewed 1287 times.
Similar Threads
Retrive authenticated user attributes from Active Directory using principle obj from request
jsp-servlts erro
Could we say that pageContext attributes have JSP servlet scope?
Retrieving data from a servlet then forward to JSP page
problem in displaying error in jsp page
More...

All times above are in ranch (not your local) time.
The current ranch time is
Mar 29, 2024 01:50:39.