I m making a website in which I hav an admin and members ..
I want to define rights of users who can access a certain page..
For this purpose I m using an array of String along with a Session object.
I m storing URLs of pages which a simple user can access and storing them in session object..
Here is the code which i have written in sign In page..
HttpSession session = request.getSession();
String authority[] = null;
authority[0] = "signIn.html";
authority[1] = "signUp.html";
athority[2] = "Post.html";
session.setAttribute("Url", authority);
session.setAttribute("userName", request.getParameter("userName"));
String user1 = (String) session.getAttribute("userName");
ServletContext sc = getServletContext();
RequestDispatcher rd = sc.getRequestDispatcher("/sign_In.jsp");
rd.forward(request,response);
if (user1 == null)
{
response.sendRedirect("signIn.html");
return;
}
The code which I m writing to check the rights of a user
HttpSession session = request.getSession(false);
String user = (String) session.getAttribute("userName");
if (user == null)
{
response.sendRedirect("signIn.html");
return;
}
if(session == null)
{
response.sendRedirect("signIn.html");
}
else
{
String[] athority = (String[]) session.getAttribute("authority");
for(int i = 0;i<athority.length;i++)
{
if(athority[i].equals("CreateNewPostJava.jsp"))
{
response.sendRedirect("CreateNewPostJava.jsp");
}
}
response.sendRedirect("mainPage.jsp");
}
response.sendRedirect("CreateNewPostC.html");
But when i execute this code, No session is created...
Please help me in correcting this.
Thanx..