I would not do those checks on my JSP page. If you want something custom for authentication I suggest to use a servlet to handle the parameters and see if you are dealing with an authorized user and use a filter to project your restricted content.
I also would like to advice you to think about using a security framework like Apache Shiro where you can create your own authentication handler.