Hello friends,
Ive made a login page for my application, its a simple login application where the username and password is stored in .properties file. Now i dont want any user to bookmark or try to access my jsp pages without going through the user identification(login page). For this i have created a filter...which is---->
public void doFilter(ServletRequest request,ServletResponse response,FilterChain chain)throws ServletException,IOException
{
HttpServletRequest req=(HttpServletRequest)request;
HttpServletResponse res=(HttpServletResponse)response;
System.out.println(req.getRemoteHost() + "tried to access" + req.getRequestURL() + "on" + new Date()+ ".");
HttpSession session=req.getSession(true);
String username=(String)session.getAttribute("username");
ActionErrors errors=new ActionErrors();
if(username==null || session.getAttribute("username")==null)
{
errors.add(ActionErrors.GLOBAL_ERROR,new ActionError("error.authentication.required"));
req.getRequestDispatcher("/login.jsp").forward(req, res);
}
if(errors.isEmpty())
{
chain.doFilter(request, response);
}
}
what i ve managed to achieve by this code is , the user cannot bookmark or directly try to run the jsp page. But the problem is when i enter the username and password nothing happens...i mean the filter is running...but partly...I know i have made some silly mistake here but cannot figure it out....please help me point out my mistakes.
regards,
a_joseph