Bob, I thought I had tried all combinations, but I apparently I had tried
them all except the right one. Thanks for your help.
--Michael
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 30, 2001 4:50 PM
To: [EMAIL PROTECTED]
Subject: RE: How to prevent a .jsp from being accessed directly?
Don't include the www.... in your url-pattern rather if you directory
structure is
Tomcat
|
-- webapps
|
-- mywebapp
|
-- jsps
selectroster.jsp
another.jsp
another2.jsp
you would include <url-pattern>/jsps/selectroster.jsp</url-pattern>
What version of tomcat are you using? What is your environment?
Bob
-----Original Message-----
From: Michael Molloy [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 30, 2001 4:44 PM
To: [EMAIL PROTECTED]
Subject: RE: How to prevent a .jsp from being accessed directly?
I've tried several variations, from your suggestion below to including the
entire url (www. . . .).
I'll take another look at it.
Thanks
--Michael
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 30, 2001 4:29 PM
To: [EMAIL PROTECTED]
Subject: RE: How to prevent a .jsp from being accessed directly?
You may want to try setting the url pattern relative to the root i.e.
<url-pattern>/dir1/subdir1/selectroster.jsp</url-pattern>
Bob
-----Original Message-----
From: Michael Molloy [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 29, 2001 7:41 PM
To: Tomcat
Subject: How to prevent a .jsp from being accessed directly?
I'm using the following web.xml file inside a servlet context
(/opt/tomcat/webapps/staging/WEB-INF/web.xml). However, it's not preventing
direct access to the jsp file, which is what I'm hoping to achieve. I got
this from the O'Reilly Javaserver Pages book, but it's not working. Any
suggestions?
Thanks
--Michael
<web-app>
<servlet>
<servlet-name>RosterServlet</servlet-name>
<servlet-class>RosterServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>RosterServlet</servlet-name>
<url-pattern>/process</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>no-access</web-resource-name>
<url-pattern>selectroster.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>nobody</role-name>
</auth-constraint>
</security-constraint>
</web-app>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]