need help in security issue !!

Hi All,

I want know how I can protect my JSP pages to be viewed without authentication?

Let me expain it in detail:

I am having one web Application where home page is login.jsp.

From login.jsp if anybody enters valid username and password then he will be forwarded to Welcome.jsp page.

Now in addressbar if I am explicitly giving the name Welcome.jsp it is coming with some limited information(without information related to loginid ). But I want to prevent it. That means if anybody is trying to access the Wecome.jsp page he should come through the "Login.jsp" page only, otherwise "access denied message" will be displayed.How I can do this?

Thanks in advance,

Shruti

Message was edited by:

panther_vip

[769 byte] By [panther_vipa] at [2007-11-26 20:04:12]

«« Sun Java Instant Messenger Installation Problem while installing in RHEL4
»» Jsf 1.2 on j2ee 1.4?

# 1

Hi,

In your post, you did not mention whether or not you are using the container provided security facilities. It seems that you are using the user credentials entered in the login page to authenticate the user using some programmatic logic and forward the control to the welcome.jsp page. In that case you can declare the welcome.jsp as a secure resource in the web.xml file. That way you can stop somebody from accessing it directly by URL.

Hope i have answered the right question.

sreekar@worka at 2007-7-9 23:04:23 >

top of Java-index,Security,Other Security APIs, Tools, and Issues...

# 2

Thanks a lot !!U r right. I am using only programmatic logic.Now I will try what u have suggested me to do.Regards,Shruti

panther_vipa at 2007-7-9 23:04:23 >

Security

Other Security APIs, Tools, and Issues

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

need help in security issue !!

Security New Topic

Security Hot Topic

Security

All Classified