hello every one
first sorry if my english not well
im develop E-Commerce site and there is two different type of users/ admin and normal user
and there is a control panel for admin that cannot show for normal user
i want if the admin logged redirect to admin page that have the admin panel
for example www . can shop . com /admin.jsp
all i want to do is hidden that URL from anyone want to accesses this url ??
i know how to redirect users but i cant hide the url can anyone help me with that ?
While you could create a home page just for admins, why not make it the same page, but show the admin stuff only for admin users? Assuming that you're using the Servlet API's authentication functionality, you could use the JSP tags provided by Apache Shiro's for that purpose. See steps 4, 5 and 6 on http://shiro.apache.org/webapp-tutorial.html about that.
all i want to do is hidden that URL from anyone want to accesses this url ?
That sounds like security of obscurity (hiding something from unauthorized people), and generally ends in tears because it is fundamentally unsafe. If a page is meant only for a specific group of users, then you need to check that it is served only to those users.
If you are using Spring Security then it is very easy to integrate with application and you can manage the resources based on the authority like Admin can view or access perticular resources. Super user can this, normal user can this etc.