session tracking using j2ee ¬†using -'jsp,session,java-ee,servlets'
I'm trying to implement session tracking on my website. Basically I want the users to be able to login in my website using their username and their password, pass throw my website pages (only available for logged users) and then logout.
Currently I'm thinking about what is the right architecture to accomplish this. So, is it right to do it like this: use a servlet which validates whether the user is logged or not or if this one is doing a login using a httpSession object (kinda like this example here: http://www.tutorialspoint.com/servlets/servlets-session-tracking.htm
). In case of a login attemp the servlet validates the username and password by calling a stateless session bean (which validates the username and password based on my database).
Also everytime the user wants to "travel" to another page on my website that is only visible to logged users, the request must go to the servlet to validate whether the user is logged or not and then retrieve the new page.
Is this the right way to do it? If not how can I accomplish this?
Thanks a lot.