This week's book giveaway is in the Artificial Intelligence forum.
We're giving away four copies of Pragmatic AI and have Noah Gift on-line!
See this thread for details.
Win a copy of Pragmatic AI this week in the Artificial Intelligence forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Jeanne Boyarsky
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Paul Clapham
  • Junilu Lacar
  • Knute Snortum
Saloon Keepers:
  • Ron McLeod
  • Ganesh Patekar
  • Tim Moores
  • Pete Letkeman
  • Stephan van Hulst
  • Carey Brown
  • Tim Holloway
  • Joe Ess

single page rentry point in web application using servlet  RSS feed

Ranch Hand
Posts: 397
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
I am trying to understand , lets see i have a web page with login.jsp and once i do successfuly login

login.jsp page then go to next page. like student.jsp or

so i wnat if someone accidently entered directly without login then page should re-direct to login.jsp if login was not previously done.

how can i achive this in web.xml , what are the change i need to do.

Author and ninkuma
Posts: 66789
IntelliJ IDE Java jQuery Mac Mac OS X
Ranch Hand
Posts: 228
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can also use <security-constraints> in your web.xml
Ranch Hand
Posts: 114
Java Spring Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
One option is to use form based authentication as in the following:

Define in the web.xml a login.html page and an error page that is displayed if the username and password is incorrect.

Defining roles

This can be done in the <role> element in tomcat-users.xml.

Define the security roles in the web.xml using the <security-role> element.

All roles must be declared in order to be used in the web.xml and the component code. Each <security-role> tag can contain only one <role-name>.

Defining resource and method constraints

Roles declaration in annotations

Or you could do the same via annotations.

These annotations have the same purpose as those defined in the deployment descriptor but apply to just the servlet on which they are declared. Roles can be declared on any servlet implementing the javax.servlet.Servlet interface.

This annotation is specified on a class, and it is typically used to define roles that could be tested (for example, by calling isUserInRole) from within the methods of the annotated class. This annotation is not used to link application roles to other roles. When such linking is necessary, it is accomplished by defining an appropriate security-role-ref in the associated deployment descriptor. When a call is made to isUserInRole from the annotated class, the caller identity associated with the invocation of the class is tested for membership in the role with the same name as the argument to isUserInRole. If a security-role-ref has been defined for the argument role-name, the caller is tested for membership in the role mapped to the role-name.

Now when someone visits UserServlet/student.jsp or any of it subdirectories they will be directed to the login.html page if they are not currently logged in.

Prabhat Ranjan
Ranch Hand
Posts: 397
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thanks , this is have done before using tomcat-users.xml and providing the roles in web.xml using security constraint , but it prompts every time we hit the login page.
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!