Remember link from user......login.........take them to that link?

G

Graham Thomson

Hi,

I have absolutely no knowledge of JSP but said I would research this
as I said to my IT development workers that I was sure "This must be
possible!"

Ok here goes. Basically what we are trying to do is have a site with
both internal and external information.

For the internal information we want this to be only accessible by
people within the institution. So the developers will add a bit of
code to that page forces the user to login with their username and
password.

Fair enough you might say.

However the problem is that once they have logged in and this has been
approved, I want the user to be taken to the link that they wished to
go to in the first place. However, the developers are telling me that
once the user logs in (if successful) they will be taken back to the
site home page. (This is set by a piece of code at the top of the .jsp
page)

Is there a way for the user to go on to the link once they have been
approved by the login screen whilst keeping one "generic" piece of
code at the top of all the templated pages? i.e. the developers
realise that they could change this piece of code at the top but I
though there must be an "automatic" way of parsing the URL of the link
they click to be held until after they log on.

Sorry if this is really obviously possible or not possible!

Advice would be very much appreciated.

Thanks
Graham
 
S

Sudsy

Graham said:
Is there a way for the user to go on to the link once they have been
approved by the login screen whilst keeping one "generic" piece of
code at the top of all the templated pages? i.e. the developers
realise that they could change this piece of code at the top but I
though there must be an "automatic" way of parsing the URL of the link
they click to be held until after they log on.

Sorry if this is really obviously possible or not possible!

Advice would be very much appreciated.

Thanks
Graham

Assuming that you forward (as opposed to redirect) to the login page
then you can use HttpServletRequest#getRequestURI and store it in
session scope. Once the user has successfully logged-in then forward
back to the page they originally requested. This is a very common
mechanism.
 
B

Ben_

Hello,

J2EE's form-based authentication does just what you want:
http://www.jcp.org/aboutJava/communityprocess/final/jsr053/.

12.5.3 Form Based Authentication
<...>
If the user is not authenticated, all of the following steps occur:
1. The login form associated with the security constraint is returned to the
client. The URL
path which triggered the authentication is stored by the container.
2. The client fills out the form, including the username and password
fields.
3. The form is posted back to the server.
4. The container processes the form to authenticate the user. If
authentication fails, the error
page is returned using either a forward or a redirect and the status code of
the response is
set to 401.
5. The authenticated principal is checked to see if it is in an authorized
role for accessing the
original web request.
6. The client is redirected to the original resource using the original
stored URL path.
If the user is not successfully authenticated, the error page is returned to
the client. It is
recommended that the error page contains information that allows the user to
determine that
the authorization failed.

You'll have to arrange though with your additional requirement to distiguish
internal from external users.

Ben.
 
E

Eki Y. Baskoro

G'Day,

This is definitely possible. There are many approaches to this problem. The
best way is to utilised Servlet as a controller that redirect the
authenticated user to the previously chosen resource.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,733
Messages
2,569,440
Members
44,829
Latest member
PIXThurman

Latest Threads

Top