5

Possible Duplicate:
How to redirect to another page when already authenticated user accesses login page

If a logged in user clicks on login.jsp page then he should be automatically redirected to his home.jsp. Before authentication user goes to login.jsp and after successfully authenticated by a servlet (doPost) he is redirected to home.jsp, but when again the same user clicks on login page then he should be automatically redirected to home.jsp instead of logging again. How can I do it in JSP/Servlet? I am setting session from that servlet after successfully authenticated.

Before login, user clicks on login.jsp and goes to doPost() method of servlet and goes to home.jsp. After logged in succesfully, if user clicks again on login.jsp then instead of going to login.jsp, control should go directly to home.jsp. How can I do it?

If user is signed out then only after clicking login.jsp control will go to login.jsp and then doPost() of servlet and finally home.jsp will come.

Community
  • 1
  • 1
sujit
  • 241
  • 5
  • 12
  • 22

3 Answers3

9

try this code in your login.jsp

if(session.getAttribute("authenticated")!=null && session.getAttribute("authenticated").equals(true))
{
   response.sendRedirect("home.jsp");
}
Kashif Khan
  • 2,565
  • 13
  • 14
  • i need to set it before authentication? – sujit Dec 25 '11 at 06:02
  • yeah when user visits login.jsp first time and authenticates successfully then you create this attribute like this. session.setAttribute("authenticated", true); – Kashif Khan Dec 25 '11 at 06:04
  • 1
    login page is in the main home page, so after authenticated from servlet if user comes to that main home page and clicks login.jsp then will he be redirected to home.jsp ? – sujit Dec 25 '11 at 06:04
  • yeah exactly. if authenticated attribute is set to true then user will be redirected to home.jsp. one more point, once a user is logged in you need to hide the link to login.jsp – Kashif Khan Dec 25 '11 at 06:06
  • thanks for your reply. I need to write this. session.setAttribute("authenticated", true); in the login.jsp or i need to write something extra? – sujit Dec 25 '11 at 06:09
  • you need to write session.setAttribute("authenticated", true); after you authenticate the user. i guess you are doing authentication in servlet, so do there. – Kashif Khan Dec 25 '11 at 06:10
  • ya i am authenticating by a servlet, so after successfully authentication i will write: session.setAttribute("authenticated", true); response.sendRedirect("home.jsp"); in that servlet? or i will write session.setAttribute("authenticated", true); in login.jsp page? But in this login.jsp page how can i create session.setAttribute("authenticated", true); if that user has not been logged in? – sujit Dec 25 '11 at 06:18
  • in the servlet code, when user is logged in successfully, write session.setAttribute("authenticated", true); and redirect to home.jsp....if user clicks on login.jsp then he/she will be redirected to home.jsp because authenticated attribute is true now. – Kashif Khan Dec 25 '11 at 06:20
  • thanks i am doing it let's see.. – sujit Dec 25 '11 at 06:29
  • friend it is not working, i have written session.setAttribute("authenticated", true); in servlet doPost method and after logged in if i am clicking on login.jsp link then again i am coming to login.jsp page and after giving username and password control is going to servlet then home.jsp. Any help? – sujit Dec 25 '11 at 11:43
  • make sure if(session.getAttribute("authenticated").equals("true")) this if statement is true in login.jsp otherwise code will not work. – Kashif Khan Dec 25 '11 at 11:45
  • ya i am writing..hope it will work – sujit Dec 25 '11 at 11:59
  • 1
    @KashifKhan: if he uses session.setAttribute("authenticated", true), and if(session.getAttribute("authenticated").equals("true")), this won't work. a String and a Boolean will never be equal. – JB Nizet Dec 25 '11 at 18:43
  • @JBNizet yup you are right. I have updated my answer. if statement should be like if(session.getAttribute("authenticated")) – Kashif Khan Dec 25 '11 at 19:12
  • No, that won't work either. getAttribute returns an Object. You need to cast it to a Boolean, and then test if this Boolean is true. – JB Nizet Dec 25 '11 at 19:37
  • updated the answer again and tested on my localhost. – Kashif Khan Dec 25 '11 at 20:05
  • @KashifKhan.....i have written the following in login.jsp, please check it: then in doPost of servlet i have written: HttpSession session = request.getSession(false); session.setAttribute("authenticated", true); M i right? – sujit Dec 26 '11 at 05:37
  • @KashifKhan it is working but if i am opening two login.jsp in two tabs of a same browser then if i am logging into one login.jsp and home.jsp comes but after that if i am clicking login.jsp on that 2nd tab then it is not going to home.jsp instead control is going to login.jsp but in 1st tab where i am already logged in there if i am clicking login.jsp then it is going to home.jsp but simultaneously 2nd tab box is not working. Any help friend? – sujit Dec 26 '11 at 06:03
  • yeah the code looks fine. make sure to check that session1!=null – Kashif Khan Dec 26 '11 at 06:05
  • if you login in fisrt tab, then refresh the second tab. it will work fine. but a more better solution is to use a filter in your web application to check weather a user is logged in or not. read here for an example of filter http://viralpatel.net/blogs/2009/01/tutorial-java-servlet-filter-example-using-eclipse-apache-tomcat.html.... – Kashif Khan Dec 26 '11 at 06:16
  • ya i am taking a look in filter – sujit Dec 26 '11 at 06:38
3

Make the login page/action check if the user is logged in, and redirect to the home page if logged in:

if (alreadyLoggedIn) {
    response.sendRedirect(response.encodeRedirectURL(request.getContextPath() + "/home"));
    return;
}

But you should probably not have a link to the login page in the first place if the user is already logged in.

JB Nizet
  • 657,433
  • 87
  • 1,179
  • 1,226
  • thanks JB....but what should i write in doPost of servlet? – sujit Dec 26 '11 at 05:38
  • I have link to the login page even user is already logged on. I should write home.jsp instead of /home.. like this: response.sendRedirect(response.encodeRedirectURL(request.getContextPath() + "/home.jsp")); – sujit Dec 26 '11 at 05:47
0

For your help i have written an example and executed the code in my machine.

In servlet page, in doPost:

String username = request.getParameter("username");
String password = request.getParameter("password");
boolean isCredentialValid = validateCredentials(username, password);
String nextPage ="";
HttpSession session = request.getSession(true);
if(isCredentialValid){
    nextPage = "home.jsp";
    session.setAttribute("isLoggedIn", "true");
}else{
    request.setAttribute("error", "Either username or password is invalid.");
    nextPage ="login.jsp";
}
RequestDispatcher rd = request.getRequestDispatcher(nextPage);
rd.forward(request, response);

in login.jsp

<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
<script type="text/javascript">
  var isLoggedIn = "<%= (String)session.getAttribute("isLoggedIn")%>";
  if(isLoggedIn === "true")
     window.location.href="home.jsp";
  }
</script>
</head>
<body>
   <form action="Test" method="post">
    ${error}
    <br/>
     UserName : <input type="text" name="username"/>
    <br/>
     Password : <input type="text" name="password"/>
    <br/>
    <input type="submit" value="submit"/>
  </form>
</body>
bluish
  • 24,718
  • 26
  • 114
  • 174
dku.rajkumar
  • 18,048
  • 7
  • 40
  • 58
  • i need to write this in login.jsp? – sujit Dec 25 '11 at 06:12
  • nope.. login page will be redirected to a servlet.. write in in the servlet because you cant validate the credentials in browser right.. as per i understnad you will need to contact database through servlet right. – dku.rajkumar Dec 25 '11 at 06:14
  • login page will be redirected to servlet only after user gives his username and password , if he is already authenticated before then when he clicked on login.jsp link then instead of going to login.jsp page and then how login.jsp page will be redirected to servlet automatically? – sujit Dec 25 '11 at 06:24
  • updated the answer.. please check it.. hope everything will be clear – dku.rajkumar Dec 25 '11 at 06:43
  • For your help i have written an example and executed the code in my machine, its just working as you are expecting. – dku.rajkumar Dec 25 '11 at 07:02
  • ya thanks for your reply, but i am using method doPost method for login, is this the same above code applicable for doPost method? – sujit Dec 25 '11 at 11:38
  • yeah.. just change the "method" in form tag to "post" like method="post" – dku.rajkumar Dec 25 '11 at 12:36
  • dont forget to mark the answer as accepted for the help of future visitors, if it solved your problem. – dku.rajkumar Dec 25 '11 at 13:53
  • This answer is awful: JavaScript to redirect, scriptlet in JSP, GET for a login form, a String instead of a boolean to represent a boolean value... Everything you shouldn't do. – JB Nizet Dec 25 '11 at 18:42
  • @JBNizet : When I created the form in IDE, it taken "get" method by default, i didnt bother to change it because i knew that the question raiser is using "post" and this is not the problem. I dont think there is any problem in redirecting using javascript here. I thought to use "" instead of scriptlet so i used string instead of boolean as i did now, removed scriplet. I had already given lot of time to write the code and execute it and post here so didnt do fine tunning. – dku.rajkumar Dec 26 '11 at 03:26
  • You just wanted to vote down so you did not because of any reason. This answer may not be the best but it doesn't deserve vote down because the answer is not wrong or irrelevant or something, it did help the question raiser and that you can find out by reading the above comments. – dku.rajkumar Dec 26 '11 at 03:37