Hi everyone!
I made login page in which user enter his username and password and after that if that is OK then he goes to menu page.
My question is how can i stop user to see some of my pages for example menu.jsp before login.
If anzone have some link of tutorial or example or any kind of help will be great .
Thanks
Use session variables, I just posted some simple examples here
http://forum.java.sun.com/thread.jspa?threadID=736720&tstart=0
If you only have two levels of access, 'logged on' and 'not logged on' then a simple session variable is all you need.
If you have a more complex structure, i.e. many different pages with different levels of access required, you could expand this code to look up a users permissions from a database, based on the user name held in the session.
Session variables, once set are accessible from ALL jsp pages within the applicatiion.
Thanks for help ,but how can i use that in JSP page
to stop user who didnt't log in to see some of pages .
For example i have index.jsp which is page for login users,
when he is loged in he is redirect to main.jsp page
but when he wants to enter main.jsp he can also enter this page without
login in.
I want that every user who wants to enter whatever page he wants,
he must login in first.
How i can use yours session in my problem?
Thanks
I don't think you should be using beans.
Try a Realm explained in the TomCAT-HOWTO.
A realm let you block pages for users who didn't login.
A realm is much safer than a html form.
For example if you type main.jsp then users can still use the jsp file, while with realms you get a logon .
If you have a realm, unauthorized users get the HTTP ERROR "Forbidden"
See:
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
for more information.
It requires you to set up a database but who cares?
