How avoid direct access to a jsp page

Question

I create a login page take username and password and after clicking it will go to a JSP. How I can hide users can not access directly to the JSP page . In below code if user directly enter JSP page address he/she will receive :

HTTP Status 500 - Internal Server Error

I want user redirect to login page.

   String username = request.getParameter("username");
    String password = request.getParameter("password");
    if(username == null || password == null){
        response.sendRedirect("facultylogin.html");

    }
    UpdateFaculty fl = new UpdateFaculty();
    if(fl.facultyCheck(username, password)){
        Teacher t = fl.fillForm(username, password);

Answer 1

Or you can put your jsp files in a folder named, say, pages and add a security constraint in web.xml

<security-constraint>
    <web-resource-collection>
        <web-resource-name>JSP Files</web-resource-name>
        <description>No direct access to JSP files</description>
        <url-pattern>/pages/*</url-pattern>
        <http-method>POST</http-method>
        <http-method>GET</http-method>
    </web-resource-collection>
    <auth-constraint>
        <description>No direct browser access to JSP files</description>
        <role-name>NobodyHasThisRole</role-name>
    </auth-constraint>
</security-constraint>

Answer 2

Simply put the JSP file under WEB-INF folder, and the container will never serve it directly. But you will able to forward to it from another servlet (including JSPs).