As opposed to what my question suggests, I completely understand that it is not right to have any form of code in a JSP. But I have an important task to accomplish and this is the scenario : Once a link is clicked, the parameters that are passed, whatever it may be, is being truncated (due to security reasons) and I need to obtain these parameters somehow after a user has logged in. I am trying to do this using a session.
I have four JSP pages say :
and page with a link and some parameters being passed into it :
< a href="router.jsp?p1=s&p2=s123">Click here</a>
Once I click this it takes me to router.jsp where I create a session and obtain the passed parameters and also set them into the session:
<% String param1 = request.getParameter("p1");
String param2 = request.getParameter("p2");
HttpSession session1 = request.getSession(true);
session1.setAttribute("p1", param1);
session1.setAttribute("p2", param2);
response.sendRedirect("intermediateTarget.jsp");
%>
router.jsp is executed onload so it is basically re-directed to intermediateTarget.jsp.
Here, I am obtaining the parameters using getAttribute :
HttpSession session1 = request.getSession();
String param1 = (String) request.getAttribute("p1");
String param2 = (String) request.getAttribute("p2");
String param = request.getParameter("param");
String lgn = request.getParameter("lgn");
if (null != param) {
response.sendRedirect("empLogin.jsp");
} else if (null != lgn) {
response.sendRedirect("target.jsp");
}
I have two hidden parameters being passed from the login page and the routing page which are lgn and param respectively. After checking which ever page the request is gotten from, I would need to redirect it to a target.jsp or login.jsp.
Basically, after logging in I need to be just able to obtain the same parameters from the session and display it on the target page (like a confirmation that I am in fact able to obtain the parameters that I passed in the link.)
Again, I don't need servlets because this is something that we need to include from our end using only JSP's.
Also, I have read on trying to extract the part of the URL after the ? and even went into the concept of extracting deeplinks but I'm not getting anywhere.
Sorry if the post seems too long. Just wanted to give a clear idea of my situation and also any other ideas on this would be greatly appreciated.
Thanks a lot in advance !
First of all I don't understand why you don't want servlets since it's much clearer and more beautiful code. They are also perfect for this situation.
This has nothing to do with the question but for making your life easier.
If you are using scriptlets which are mostly just disturbing to read I advice you to put the scriptlet tag instead for the readability of the code, e.g.
<jsp:scriptlet>
String param1 = request.getParameter("p1");
String param2 = request.getParameter("p2");
HttpSession session1 = request.getSession(true);
session1.setAttribute("p1", param1);
session1.setAttribute("p2", param2);
response.sendRedirect("intermediateTarget.jsp");
</jsp:scriptlet>
Now to what I believe is your problem since it wasn't very clear what you wanted.
You are actually storing your variables in the session (which you want to do), but you are accessing them from the request?
For session scoped variables you should call:
String param2 = (String)request.getSession(false).getParameter("p2");
// or session1.getParameter("p2");
// if you add false where you create the variable.
You want to use the false paramenter in getSession because the user must have a session if he/she is logged in and you want to redirect them with a filter instead of creating a new session I assume.
I would prefer to write it like this though
<c:choose>
<c:when test="${not empty param}">
<c:redirect url="empLogin.jsp"/>
</c:when>
<c:otherwise>
<c:redirect url="target.jsp"/>
</c:otherwise>
</c:choose>
Hope it answered your question, feel free to comment if I misunderstood your question :)