Login Problems and General JSP Security Questions
I'm new to this, so I'm still not sure if I'm approaching this problem the right way. But after a user logs in with the correct username/password, I create a session attribute like so:
session.setAttribute("loggedIn", "true");
Now, inside of every other JSP page I make the following check before the user can continue:
<%
String loggedIn = (String)(session.getAttribute("loggedIn"));
if( loggedIn == null || !loggedIn.equals("true")) {
%>
<jsp:forward page="../login.html" />
<%
%>
And to logout I simply set the attribute to false:
session.setAttribute("loggedIn", "false");
Unfortunately, this doesn't work very well. It seems to be very inconsistent. Does anyone know of a better, not-so-difficult, method to do this? Or do you see any problems with what I have?
Another thing, how do I prevent a user from accessing my JSP directory? For example, I have my JSPs stored in public_html/jsp directory, how do I prevent someone from simply visiting www.mysite.com/jsp without using the web.xml file?
I use sessions in this way without any problems, what are the inconsistencies??
You can protect folders with Tomcat security but it requires XML configuration.
Similar Messages
-
Export/import login server and user grup security
Hi,
I followed the instructions to export Login server, user group
security using the ssoexp.csh, secexp.csh. Then I imported the
login server, and user group security using the ssoimp.csh,
secimp.csh .
I then logged into Portal and check the users, all the users are
imported properly. However, I didn't see any group that are
supposed to be imported. Do I missing anything?
The syntax to run the secimp is as follows:
secimp.csh -s portal30 -p portal30 -o portal30 -m reuse -d
sec.dmp -c target_database
The import finished w/o error. How can I see the groups in the
new portal instance that I tried to import objects in?
I noticed that the wwsec_group$ in the source area is over 3000,
and in the target the count is only 10, which is the number of
group I have before the import. But during the export, I don't
see the wwsec_group$ table being exported, is that the problem?
P.S. versions are: 9iAS 1.0.2, portal version 3.0.9.8 on solaris.
Thanks;
Kelly.This question is best suited to the Oracle9iAS SSO and Portal Security forum.
Thanks -
Can't seem to download any app despite entering the correct password and answering 3 security question but still in the end it comes up the message that my session has timed out no matter what! Please help, many thanks in adv!!
Try doing it on your computer with iTunes and then sync to your iPad to see if it clears the problem.
-
Hi All! 1st time I have had this problem: Itunes store says I have never made purchases from this computer (I have, many times) and is asking security questions that I don't know the answers to. What next? If I keep missing the questions, it is threatening to lock me out of my account. I am sad.
Click here for information. If you can't get the answers emailed to you for some reason, contact the iTunes Store staff via the link in that article.
(75608) -
My new iphone is asking for an old iCloud password I can't remember the password, don't have access to the old email and when I try and answer the security question it is telling me that my date of birth is wrong?? Arggghh help?
Contact iTunes Customer support... it is not possible to bypass Activation Lock.
-
I never set up any security questions for my apple ID and I was asked on the app store to sign in and answer my security questions, I never made any in the first place and it came up with questions that I didn't know. I've already been in support and tried to reset them, but I have to answer the security questions in order to change them. Is there any way to find out what they are?
From a Kappy post
The Best Alternatives for Security Questions and Rescue Mail
1. Send Apple an email request at: Apple - Support - iTunes Store - Contact Us.
2. Call Apple Support in your country: Customer Service: Contact Apple support.
3. Rescue email address and how to reset Apple ID security questions.
An alternative to using the security questions is to use 2-step verification:
Two-step verification FAQ Get answers to frequently asked questions about two-step verification for Apple ID. -
HT201209 I want to buy VPN in app store but the problem I forgot the security questions
I forgot my security question in App Store to buy VPN
Welcome to the Apple Community.
Start here (change country if necessary) and navigate to 'Password and Security', reset your security questions using the link provided, you will receive an email to your rescue address, use the link in the email and reset your security questions.
If that doesn't help, you don't receive a reset email or you don't have a rescue address, you should contact AppleCare who will initially try to assist you with a reset email or if unsuccessful will pass you to the security team to reset your security questions for you.
If you are in a region that doesn't have international telephone support try contacting Apple through iTunes Store Support. -
what if you did not have a rescue e-mail when you initially setup your account and cannot remember security question answers
Some Solutions for Resetting Forgotten Security Questions: Apple Support Communities
-
Someone has hacked my account and changed my security questions. How do I change these questions to my own security questions and answers?
Contact the ExpressLane at: https://expresslane.apple.com then iTunes and iTunes Store and see if they can help. You might also try http://www.apple.com/support/itunes/contact
-
I have itunes account and I'm trying to buy for itune store and asks me security questions which I can not remember and do not put a rescue optional email I should do?
Hello Jbamrah,
Thanks for using Apple Support Communities.
For more information on this, take a look at:
Rescue email address and how to reset Apple ID security questions
http://support.apple.com/kb/ht5312
You can edit or delete your rescue email address at My Apple ID. To edit your rescue email address:
Navigate to My Apple ID using your web browser.
Click "Manage your account"
When prompted, sign in using your Apple ID and password.
Click Password & Security
You'll be asked to answer 2 of your 3 security questions before you can make any modifications. If you are unable to remember your answers, you can choose to send an email to your rescue email to reset your security questions.
Note: The option to send an email to reset your security questions and answers will not be available if a rescue email address is not provided. You will need to contact iTunes Store support in order to do so.
Best of luck,
Mario -
I but a reedem card of $15 dollars to buy music and I put the code and star asking security questions I put the answer and the systems tell me is incorect. I need help
Click here for information. If you can't reset them through the method described in that article or by sending yourself a rescue email(the email may take a few hours to arrive), contact the iTunes Store staff via the link in the 'Additional Information' section.
It isn't possible to create a rescue email address without correctly answering two of the questions.
(99350) -
Dont have a rescue email and forgot my security questions , what should i do , need help!
You will need to contact Support in your country to get the questions reset.
Contacting Apple about account security : http://support.apple.com/kb/HT5699
When they've been reset you can then use the steps half-way down this page to add a rescue email address for potential future use : http://support.apple.com/kb/HT5312 -
If I already have an Itunes I.D. and account, how do I set up a rescue email and change my security questions?
As an alternative ...
Rescue email address and how to reset Apple ID security questions -
Hi i am samuel kim and i didnt remember my security question and got my account lock how to i unlock it and get my security question?
Click here for information. If you've forgotten the answers to the security questions and can't get them emailed to you for some reason, contact the iTunes Store staff via the link in that article.
(75432) -
How do i get my account unlocked and get new security questions
how do i get my account unlocked and get new security questions?
You need to ask Apple to reset your security questions; ways of contacting them include clicking here and picking a method for your country, phoning AppleCare and asking for the Account Security team, and filling out and submitting this form.
They wouldn't be security questions if they could be bypassed without Apple verifying your identity.
(100996)
Maybe you are looking for
-
anybody know wy my screen is all white ?
-
when I run safari after turning on my pc, it is too slow to start.. how can optimize safari to avoid this delay. any help will be appreciated. Thanks.
-
So I recently got the LG G3 but the phone has nothing to do with it really. When I call my voicemail (speed dial or from contacts) it calls one of my friends in my contacts. It is the same guy everytime and it happened when I had my old phone too.
-
Why do I get the following message when I open an APP. Connect to ITUNES to use push notifications. What do I need to do to resolve this issue.
-
Caching values in JNI having multiple instances of the Java wrapper object
Hi, I have a Java lib that wraps and more complex 3 ^rd^ party C++ lib using JNI. This C++ lib is asynchronous. So, there's the need to register callbacks. I've already done this. I can register a callback from Java to the C++ lib and I can get notif