redirecting to the last requested page after valid log in

Jul 30, 2008 07:43:00

Hi,
Would anyone please be able to help me on the following:

For example, assuming the following scenario:

1) A web application contains a page "secret.html", which is a protected resource, declared to require login. Assume mode is "Form Based Login".

2) User tries to access page "secret.html"

3) then the user is re-directed to "login.jsp", the user needs to fill in "username" and "password" first .

3) then after checking the username/password. If they are valid, it will redirect the user to the originally-requested page ("secret.html").

how can i do this in my project?
[ August 05, 2008: Message edited by: mohammad enamul haque ]

Jul 30, 2008 09:31:00

Please be sure to take the time to compose descriptive subjects for your posts; read this for more information.

Using a title of "need help" is not useful.

Please go back and change your post to add a more meaningful subject by clicking the .
[ July 30, 2008: Message edited by: Bear Bibeault ]

Jul 30, 2008 22:54:00

Hi mohammad enamul haque welcome to Javaranch

Firstly as suggested by Bear, use a descriptive subject line.

regarding your question, why dont you make secret.jsp instead of secret.html, so that you can check in the JSP if the user accessing it is authenticated.
Another option is container managed security, but I am unsure how it works.

Hope this helps

Jul 30, 2008 23:42:00

Not really, it would be better to use declarative security, since what you have described is Form Based Authentication (look in the documentation for your container)

This allows you to put member resources (like your file) in a /member/ directory and the container makes sure that people have that role before they are allowed to access the resource. Applying security to each resource is error-prone.

Jul 31, 2008 05:06:00

Hello Friend,
If you could give me little more detail then it could be helpful for me to help you.Any way if you are using just jsp pages then then give form action to first page and make first page also jsp page. If you are using servlet then redirect the control from servlet to the first page.

Aug 04, 2008 06:50:00

Since you are using form based authentication, you just have to name your user name field as j_username and your password field as j_password and the form action as j_security_check. Then you server will automatically manage redirecting to login.jsp for login. After successfull login the user will automatically be redirected to secret.html. Here's the code for login.jsp

This should do it. But this will only work if you have defined form based security for the secret.html file in the deployment descriptor (web.xml) for your web application.

Aug 04, 2008 08:04:00

hi AnkitJi Garg,

Thnak you very much for your reply. Could you please tell me how could i make the changes in web.xml??

Aug 04, 2008 09:20:00

mohammad enamul haque, we are still waiting for you to give this post a better title.

Aug 08, 2008 01:41:00

code for Web.xml

I think the tag names are self explanatory. But if you still have problems ask me....

Forget this weirdo. You guys wanna see something really neat? I just have to take off my shoe .... (hint: it's a tiny ad)

a bit of art, as a gift, that will fit in a stocking

https://gardener-gift.com