I have been asked to set up some authentication for some content on our website using JSP. What I would like to do seems simple to me but I can’t quite figure out how to do it in JSP.
What I would like to do is this: When a user requests a page that you must be logged in to see, I have a tag that checks their cookies for an authentication token. If it is not there, they are redirected to a login page. After they log in, I want to redirect them back to the page they first requested along with any parameters they were sending.
Now, I have the tag that is checking their authentication and redirecting them to the login page. That part is working just fine. But I’m not sure how to maintain the first requested url and parameters so they can be redirected after they login. How might I accomplish this?
Pass it as a request parameter or maybe store it in the session (and remove at end).
I am not sure how you implemented the custom tag to check the logged-in user (this seems pretty overcomplicated, just a single
Filterlistening on anurl-patterncovering the secured pages which checks the presence of the logged-in user in theHttpSessionhas been sufficient), but basically you need to grab the the desired information from theHttpServletRequestwhich should be available to you in any way.The
HttpServletRequest#getRequestURI()returns the (relative) request URI andHttpServletRequest#getRequestURL()returns the (full) request URL to which you would like to redirect back afterwards and theHttpServletRequest#getQueryString()returns the query string (the GET request parameters, if any) for the case you’d like to include that in the redirect URL as well.