The files that are inside the WEB-INF folder are hidden for the clients of the application. Therefore, if you put your JSP files inside the WEB-INF folder you can not redirect them to them. The method HttpServletResponse#sendRedirect will generate a response with header 302, with a link to the URL to which you want to navigate and without content in your body.
Since it is a Servlet that serves the request to access the JSP, the Servlet must be serving a URL. Then, perform the redirect to the Servlet URL. Imagine you have the following Servlet:
@WebServlet("/home.html") // <-- mira la ruta
public class HomeServlet extends HttpServlet {
@Override
public void doGet(HttpServletRequest req, HttpServletResponse res)
throws IOException, ServletException {
request.getRequestDispatcher("WEB-INF/home.jsp").forward(req, res);
}
}
Then in the servlet where you are going to perform the redirect, you should have a code like the following:
response.sendRedirect("/home.html"); // <-- mira la ruta
Your real problem is this:
I need to validate the session so that the system does not allow access to other pages by putting the route in the navigation bar as such without first having logged in.
What you need is to have a Filter . These classes are used to decorate the requests served by the servlets. They allow to execute operations before and after attending the execution by itself and allows to apply the validation to a group of urls. These are configured with the annotation WebFilter .
Here is a basic example of using a ServletFilter to validate if a user session exists:
@WebFilter("/*") //todas las URLs de la aplicación
public class MiFilter implements Filter {
@Override
public void init(FilterConfig config) {
//para iniciar recursos a utilizar...
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
//el método que realiza la magia
//primero el antes de
//lo usaremos para validar si existe sesión de usuario
HttpServletRequest req = (HttpServletRequest) request;
HttpSession session = req.getSession();
//validamos si existe el atributo usuario
//si tu usuario lo has registrado en sesión con otro nombre
//deberás cambiarlo aquí
if (!esPeticionValida(req)
&& session.getAttribute("usuario") != null) {
//continuar con la cadena de atención de la petición (request)
chain.doFilter(request, response);
} else {
//el usuario no ha iniciado sesión
//mandarlo a la página inicial
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect("/index.html");
}
//después de atender la petición
}
private boolean esPeticionValida(HttpServletRequest req) {
//validamos la url
boolean result = true;
String uri = req.getRequestURI();
//solo validamos las peticiones que sean a recursos HTML
//y que sean distintas a la página inicial
if (uri.endsWith("html") && !uri.equals("index.html")) {
result = false;
}
return result;
}
@Override
public void destroy() {
//para limpiar recursos utilizados...
}
}
