You can use JAAS or implement Java Security.
??Ramesh Kesavanarayanan
? [EMAIL PROTECTED]
Anger results in delusion, delusion leads to loss in memory,
memory loss leads to knowledge loss, If knowledge is lost
you perish
-----Original Message-----
From: Rahul [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 09, 2002 11:36 AM
To: [EMAIL PROTECTED]
Subject: Restricting direct access of jsp's
Importance: High
Hi,
We are using MVC architecture in our project with j2ee 1.2.
We have a Front Controller which is the only access points for various
modules.
This front controller performs all the authentication and authorization
checks.
If the user is authorized it gives access to the requested resource (lets
say a jsp).
Since there are no authentication/authorization checks in the jsp, anybody
who somehow comes to know of the url of a jsp can access the jsp.
Is there anyway (preferably declarative) to make the jsp's inaccessible when
accessed directly.
They should ofcourse still work when request is forwarded from the
controller servlet.
Thanks & Regards
Rahul
==========================================================================To
unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://archives.java.sun.com/jsp-interest.html
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.jsp
http://www.jguru.com/faq/index.jsp
http://www.jspinsider.com
This e-mail and any files transmitted with it are for the sole use of the intended
recipient(s) and may contain confidential and privileged information.
If you are not the intended recipient, please contact the sender by reply e-mail and
destroy all copies of the original message.
Any unauthorised review, use, disclosure, dissemination, forwarding, printing or
copying of this email or any action taken in reliance on this e-mail is strictly
prohibited and may be unlawful.
Visit us at http://www.cognizant.com
