![[Logo]](/templates/default/mobile/images/mobile-moose.gif)
Hi everyone,
currently whenever i'm coming to same servlet from different jsp pages,
i use
so i got a doubt if in servlet i'm using the hidden element's value
for redirecting to different jsp pages like if
String action=request.getParameter("action");
if("student".equals(action))
{
//redirect to viewprivielegestudent.jsp page
}
else if("admin".equals(action))
{
//redirect to viewprivielegeadmin.jsp page
}
then if student in the browser does view source code and changes the hidden element's value to admin then he can go to
admin privielege page.
so please tell me the correct way to code so that i can go from multiple jsp pages to
same servlet without any compromise on authorization.
thanks in advance
currently whenever i'm coming to same servlet from different jsp pages,
i use
so i got a doubt if in servlet i'm using the hidden element's value
for redirecting to different jsp pages like if
String action=request.getParameter("action");
if("student".equals(action))
{
//redirect to viewprivielegestudent.jsp page
}
else if("admin".equals(action))
{
//redirect to viewprivielegeadmin.jsp page
}
then if student in the browser does view source code and changes the hidden element's value to admin then he can go to
admin privielege page.
so please tell me the correct way to code so that i can go from multiple jsp pages to
same servlet without any compromise on authorization.
thanks in advance
