Java Mailing List Archive

http://www.junlu.com/

Home » Home (12/2007) » Tomcat Users »

Re: servlets and cookies

Robert Weeks

2003-10-14

Replies:

Hello -

> Hello
> i assume this is more of a servlet programming problem that tomcat, but
> i hope someone has some insight?
>
>
> Please tell me i can do this:
> 1)i go to a jsp page and if it does not find the exist of a cookie it
> forwards to a login screen
>
> 2) the login screen submits to a servlet, and then set some cookies and
> then forwards to the original JSP
>
> 3) the orig jsp sees those cookies and life is fine.
>
> well i can not make the servlet set the cookies so that the forwarding
> jsp sees those cookies.


When it comes to doing things like this - I generally use session or
request variables to do so (not direct cookie access) - is there a
reason you wouldn't want to do this instead of the session? I think
most of the time tomcat will be using cookies for all of this (unless
explicitly told to use URL rewriting).

For example - maybe do something like this (using struts):

(numbers correspond to above):

1)
<%@(protected)" %>
<%@(protected)" %>
<%@(protected)" %>

<html>
<head>
 <title>Admin Tool</title>
 <html:base/>
</head>
<body>
<html:errors/>

<logic:notPresent scope="session" name="isLoggedIn">
 <logic:redirect forward="adminLogin"/>
</logic:notPresent>
<logic:present scope="session" name="isLoggedIn">
 <logic:redirect forward="adminHome"/>
</logic:present>
...

Where 'adminLogin' is mapped:

<forward name="adminLogin" path="/adminLogin.do"/>

which is an action that forwards to a file called login.jsp

<action path="/adminLogin"
         type="org.apache.struts.actions.ForwardAction"
         parameter="/admin/login.jsp"/>


2 & 3) login.jsp (above) then uses a servlet to gather the information
if successful then:

  ...
  session.setAttribute(IConstants.IS_LOGGED_IN, "true");


  where ' IConstants.IS_LOGGED_IN' = "isLoggedIn"

and then forwards back to the home page (after setting other vars in
the session/request as well).


Also this way - if the session has expired, then the test at the
beginning would forward back to the login if needed as well.

I could be doing this wrong as well - but seems to work OK.

Hope this is what you were asking about (if not - sorry for the wasted
space!)

=)


--
Robert B. Weeks


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)


©2008 junlu.com - Jax Systems, LLC, U.S.A.