-1

This is the url of my project on localhost which is a login page:: "http://localhost:8080/OnlineExamination"

Here as soon as the login is valid, I want the url to be changed to "http://localhost:8080/OnlineExamination/home-page" so that it would prevent the user from taking him back to login page when the page reloads. How can I do this using JSP and Servlet? I have used a submit type input in which surrounding input by anchor tag resulted in not submitting the login form. Please Help!!

Arvind Kumar Avinash
  • 71,965
  • 6
  • 74
  • 110
Aashish
  • 33
  • 5
  • 2
    As so as the authentication is confirmed on the server side, you should set a redirect header with your "home-page" url on the response. You may also want to set a session cookie confirming that the user has been authenticated – ControlAltDel Aug 15 '20 at 14:59
  • sounds very helpful. I would like to know in detail as I am just a beginner in these web projects and do not have a sound knowledge in terms of playing with redirects, responses and session. Can you do that please? – Aashish Aug 15 '20 at 15:22
  • 1
    It looks like it's as easy as response.sendRedirect(...) https://stackoverflow.com/questions/34972006/how-to-pass-new-header-to-sendredirect I say "...looks like" because I am operating in PHP these days... doing redirects from login, just using PHP API. In any case, give this a try – ControlAltDel Aug 15 '20 at 15:29
  • @ControlAltDel also I needed a suggestion. In my servlet file I have used request.getRequestDispatcher().forward(request, response) to redirect to different pages. But I also have seen some devs in their youtube videos use 'response' instead. Which is better to use and why? – Aashish Aug 15 '20 at 15:31
  • I don't know that you can say absolutely that one is better than the other. But I think sending the response header is better than forwarding the response to a different servlet, as it will update the url in the client's browser – ControlAltDel Aug 15 '20 at 15:34
  • Thank you very much!! I will try your suggestions. Thanks a lot. – Aashish Aug 15 '20 at 15:38

2 Answers2

1

Redirect or Forward - which one should I choose?

Since you want the URL to be changed in the browser, you will have to send redirect instruction to the browser instead of forwarding the request to some other resource. Note that when you forward the request, the new resource will get everything from the request and the URL remains unchanged. On the other hand, in the case of redirect, the browser creates a new request for the new location (URL) which means nothing from the old request will be available to the new request.

How can I share some information between requests?

You will have to choose a bigger scope e.g. session; simply put the information into the session and retrieve the same at the new location.

An illustration of the concept:

OnlineExamination.java

@WebServlet("/OnlineExamination")
public class OnlineExamination extends HttpServlet {
    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        response.setContentType("text/plain");
        // Code to check user credentials
        // ...
        // ...
        request.getSession().setAttribute("loggedIn", true);
        response.sendRedirect("OnlineExamination/home-page");
    }
}

HomePage.java

@WebServlet("/OnlineExamination/home-page")
public class HomePage extends HttpServlet {
    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        response.setContentType("text/plain");
        PrintWriter out = response.getWriter();
        out.write("" + request.getSession().getAttribute("loggedIn"));
    }
}

This is a very basic code just for illustrating the concept. In a real project, you may choose some framework that can provide various ways to do all these.

Arvind Kumar Avinash
  • 71,965
  • 6
  • 74
  • 110
0

You should use "interpreter" to prevent a valid login user to access a link. If you just only redirect user to homepage, they still can access the login page. Or you just create a simple function that if they access login page but already logon, they must be redirect to homepage.

Thanh Tuấn Lê
  • 51
  • 1
  • 5
  • That's not what I am asking sir!! I wanted to know how do I edit the url from server side. you're explaining how to control session. – Aashish Aug 15 '20 at 15:23