Hello. So, let's now start creating the security files. First one is index dot JSP. So, I will create a new JSP you can get it from gallery you will find here GCP GCP bitch it would be index dot JSP source we care is another one used to be but it will be index dot JSP x okay. So let us see in index JSP I will just forward the request to the dashboard page. This is so here in the index I will remove all of this and just add this line Okay for index GCB x Are you at this line anymore at CES at CES to ask to install he still library you can select this and install GCP tag library that's fine and of course we will create the login to GCF.
So this is now the to GCP index on GCP x index listicle creates a filter the filter will be and we can create in the colon because this is a common note that been or not something related to a specific page it is reduced to all application So, in common here, I will create a new Java class I call it application filter okay sin I will copy this here all this is tips you should be able to do it in on any day publication should not take too much time. Here our filter as I explained last video that in the request not index which used to be not login, I will check the session. If the session is not or the session has a variable user name is not I will redirect to the login. So in means once we log in user logon, I should sit in user name in the session scope so that if the request come here again, it should not see the user as a null and it will allow the user to access assist.
So, this is application filter we have to add this filter in web XML. So I will open the window XML source. You will find here all filter before filter mapping here I can add our filter this is a filter name and this is a class pass is in view Common Application filter and we have to set which request this filter will catch So, in your request which in which or access JSP page or JSP x or JSF page so we can edit in the filter mapping before Quantic spirometer here we'll add this Filter mapping. So now all looks okay, we add the web XML we add the filters and index and the index JSP. So we should create a page called log into GCF. So let us create beach to be normal page two will be login to je s f. And of course it will not map to the template because this is just the login page is still not his template pages will be a lie only once the user successfully login.
So this is the login page just blank page. Okay so the only way Thing is, if GCP x page should have outcome so that once the user select log out, it should go into the index GCB x, which will map to the login. So what we can do in this case, we should open our task flow. We can drag this index was GCP exhale, we can add like throat flow, and I will call it index. So now if you want to look out you should go there's a session and called index outcome to more back again to the login page. If now you want to try This it means once you run any beach, you have to forward automatically to the login page.
Now let us try to run the students JSF page and see if the filter will catch this request and we'll forward it to the login or not. So, let us now run and see how it will work. Oh but there is no as you can see, there is no extension it means it is a request can skip the filter here as you can see, because there is no here there is no extension it but if you write dodgy this f it will catch and forward it to the login page. It is for to the index and from the index to go to the login as you can see. So it means you should catch in a request to do that. Here, I say in requests into sto GS F or GCP x or GCP.
So, I can remove this because sometimes a page can be called user with an extension, because this part of task flow is why it is looks like this. So I will just say, I need to catch all requests, regardless if it is with extension or not. So, this is I see the filter to to use the filter in your L, you should catch this and was it to the filter. So, let's now try again to run the student to GCF and see if the filter will catch the request and redirect it to the login or not. Now, our filters are now working fine if the user doesn't have any Access, you should move to the login even if you take the URL without anything like this, you should move it to the login page. Okay, so now the next video we will try to build our login page.
So see you next video