Need some advice with handling sessions.
The situation is following - i have a very simple web-application, under
Jakarta Tomcat. Basically, it's just few JSPs, few servlets and couple
more classes. I'm trying to use three tier architecture and try to
divide presentation part (jsp) from business logic (servlets + java
beans). In general everything works ok, but what my problems is -
sessions handling. Right now, i use "include top.jsp" on every page,
and top.jsp contains something like:
as I see it - this is also considered business logic part. What i
really want - try to get rid of such kind of code and make sevlets part
hadle it. I know it's gonna work slower, but then business logic would be
trully separated.
How can i check if user is authenticated on every page without writing
any business logic code in jsp? Or is it just not worth it and i should
keep like this?
Jakarta Tomcat. Basically, it's just few JSPs, few servlets and couple
more classes. I'm trying to use three tier architecture and try to
divide presentation part (jsp) from business logic (servlets + java
beans). In general everything works ok, but what my problems is -
sessions handling. Right now, i use "include top.jsp" on every page,
and top.jsp contains something like:
<% User user = (User)session.getAttribute("user");
if (user == null || !user.isAuthenticated())
{ // here is redirect to login page }
%>
Butas I see it - this is also considered business logic part. What i
really want - try to get rid of such kind of code and make sevlets part
hadle it. I know it's gonna work slower, but then business logic would be
trully separated.
How can i check if user is authenticated on every page without writing
any business logic code in jsp? Or is it just not worth it and i should
keep like this?
