Issues with <jsp:include> working?

Hi there
this is my header.jsp file
<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%> <%@include file="/jsp/common/include.jsp" %> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>Welcome Admin</title> <link rel="stylesheet" href="/DemoProject/css/admin.css"> </head> <body> <c:if test="${empty adminId}"> <c:redirect url="/loginError"></c:redirect> </c:if> <div id="adminheader"> <ul> <li><a href="/DemoProject/jsp/admin/home.jsp">Home</a></li> <li><a href="/DemoProject/jsp/admin/addStudent.jsp">AddStudent</a></li> <li><a href="#">Our Courses</a></li> <li><a href="#">Contact Us</a></li> </ul> <div id="loginblock"> <b>Welcome<c:out value='<%= request.getSession().getServletContext().getAttribute("adminId")%>'></c:out></b><a href="/DemoProject/logout">logout</a> </div> </div> <div id="mainbody">

and this is my footer.jsp
</div> <!-- Main Body --> </body> </html>

in one of My page addStudent I have used these two as follows
<jsp:include page="/jsp/admin/adminHeader.jsp"></jsp:include> <div id="mainarea"> <form method="post" action="/DemoProject/addStudent" enctype="multipart/form-data"> <table> <tr><td>FirstName:</td><td><input type="text" name="userFirstName"/></td></tr> <tr><td>Last Name:</td><td><input type="text" name="userLastName"/></td></tr> <tr><td>Password:</td><td><input type="password" name="userPassword"/></td></tr> <tr><td>Mob No:</td><td><input type="text" name="userMob" maxlength="10"/></td></tr> <tr><td>Gender:</td><td>Male<input type="radio" name="userGender" value="Male"/> Female<input type="radio" name="userGender" value="Female"/> </td></tr> <tr><td>Enroll Course:</td><td>Android<input type="checkbox" name="userCourses" value="Android"/> Java<input type="checkbox" name="userCourses" value="Java"/> Web Design<input type="checkbox" name="userCourses" value="Web Design"/> </td></tr> <tr><td>Address</td><td><textarea rows="5" cols="20" name="userAddress"></textarea></td></tr> <tr><td>Profile Pic</td><td><input type="file" accept="image/*" name="userProfilePic"/></td></tr> <tr><td></td><td><input type="submit" value="Register"></td></tr> </table> </form> </div> <jsp:include page="/jsp/admin/footer.jsp"></jsp:include>

Both Inlcude at the position is working fine

What I was expecting if their is no code in the session then user should be redirect to LoginError but when I type its absolute URL then I can also access this page
I am clearing value in the session like this
RequestDispatcher rd = request.getRequestDispatcher("/jsp/admin/login.jsp"); request.getSession().getServletContext().removeAttribute("adminId");

But still code is not working.

How to solve this?

Thanks

Hi Kishore,

Why are you using ServletContext (think 1 per web context ) ? You should be using the HttpSession object .HttpSession provides getAttribute,setAttribute and removeAttribute methods. You're only showing us the part which you think is the issue, it would help if you elaborate on what is "Absolute URL" which you access and in which Servlet you have this code etc.,

And if this is a new project that you're working on, I strongly recommend you to use HTML5 semantics with a CSS framework like BootStrap.

Thanks
Srikkanth

what is risk of using getServletContext()?

what is risk of using getServletContext()?

There's one ServletContext which is share by the web app. Whereas a HttpSession object is created for each user session. So where do you think you'll keep your session attributes ?

Search this forum , and you'll find this question answered a lot of times.

-- Srikkanth

although
@Bear
Suggested in my past posts use filter for session tasks

I don't know how to use it.
I have 50 JSP page in my web application and I need to check each page whethar user is logged in or not

How can I acheive this?

Why are you accessing the jsp files directly ? It should go inside the WEB-INF folder, they are meant to be used as view files.

But here are the steps that you might need to create a Filter.

1. Create a CustomFilter class which implements Filter interface. ( Rename the class based on your requirements )
2. Implement the doFilter() method
3. In the doFilter() method, check if the user session has an indicator which tell you if he's an admin or no, if not an admin redirect. HttpResponse has methods for redirecting.
4. Configure the filter in your web.xml. This is two step, you define your filter and you also define the URL-mapping mentioning the requests which this filter needs to handle. If all requests has to pass through this filter, you need to use a *.


-- Srikkanth

@Srikkanth

Thanks I will try your approach