Servlet/JSP URLs when forwarding requests

Question

My web app has a servlet called admin which when navigated to checks if the user is logged in and if the are directs to the the admin section, but if they aren't it directs them to a JSP page with a sign-in form. The name of the JSP doesn't appear in the URL, it stays as /admin. But then when the JSP posts to another servlet to validate the sign-in credentials the url changes to /validate which is the name of the servlet. If the user validates they are forwarded to another JSP, but the URL still remains as /validate. How can I ensure the URL reflects what is being viewed in the browser?

Apologies if this isn't too clear.

Answer 1

Use a redirect, rather than forwarding. Forwards are internal to the server; one request from the browser is forwarded to different servlets. A redirect is an interaction between the server and the browser, telling the browser to request a second URL.

I would recommend using Container Managed Authentication, which will handle the redirect to the form and back to the originally requested page for you whenever a user requests a page that requires authentication.