Re: Hiding JSP Pages
- Original Message - From: W Strater [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Friday, June 13, 2008 5:06 PM Subject: Hiding JSP Pages I am trying to hide the JSP so they can only be accessed via a forward. I have been able to put them in a subdirectory of WEB-INF using other containers but have not been able to do that with Tomcat 5.5. We are not using Struts but it is the same approach where our business logic is servlet/action based and we only use JSP for presentation. A common practice would be to put the JSP page in the root directory of the WAR like following: /HelloWorld.jsp /WEB-INF/web.xml /WEB-INF/classes/HelloWorld.class Mmmm no dont think so, that kinda looks like a mix between precompiled and JSP Anyway doesnt matter... and it maybe because I'm in a different IDE, doesnt work the same... This would allow the user to access the JSP page through the servlet with http://localhost:8080/app/HelloWorld or directly with http://localhost:8080/app/HelloWorld.jsp. I want to use to only be able to access the JSP page through the servlet and the directory of the WAR would like the following: /WEB-INF/web.xml /WEB-INF/classes/HelloWorld.class /WEB-INF/jsp/HelloWorld.jsp The HelloWorld servlet would use the JSP for presentation by forwarding to it using code like the fllowing: RequestDispatcher dispatcher = request.getRequestDispatcher( /WEB-INF/jsp/HelloWorld.jsp); Rather use this mapping... /META-INF/test/index.jsp ie just put the JSP's into Meta_Inf That will hide em and they'll still work... Having said that, this is the first time I gave this a whiz... you're forwarding idea is actually just the MVC model, a good way to do it... But normally what I do is stick a little code in the JSP... ie I check the bean, or the URI... then redirect or give the user a little message. Interesting question... thanks I tested on NB... there it just amounted to dragging the jsp's to the META folder... done. Have fun.. --- HARBOR : http://www.kewlstuff.co.za/index.htm The most powerful application server on earth. The only real POJO Application Server. See it in Action : http://www.kewlstuff.co.za/cd_tut_swf/whatisejb1.htm --- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Hiding JSP Pages
I am trying to hide the JSP so they can only be accessed via a forward. I have been able to put them in a subdirectory of WEB-INF using other containers but have not been able to do that with Tomcat 5.5. We are not using Struts but it is the same approach where our business logic is servlet/action based and we only use JSP for presentation. A common practice would be to put the JSP page in the root directory of the WAR like following: /HelloWorld.jsp /WEB-INF/web.xml /WEB-INF/classes/HelloWorld.class This would allow the user to access the JSP page through the servlet with http://localhost:8080/app/HelloWorld or directly with http://localhost:8080/app/HelloWorld.jsp. I want to use to only be able to access the JSP page through the servlet and the directory of the WAR would like the following: /WEB-INF/web.xml /WEB-INF/classes/HelloWorld.class /WEB-INF/jsp/HelloWorld.jsp The HelloWorld servlet would use the JSP for presentation by forwarding to it using code like the fllowing: RequestDispatcher dispatcher = request.getRequestDispatcher( /WEB-INF/jsp/HelloWorld.jsp); I get the following errors: 09:22:57,253 [[/app].log 636] INFO - Marking servlet org.apache.catalina.INVOKER.WEB-INF as unavailable 09:22:57,269 [[/app].log 665] ERROR - Error loading WebappClassLoader delegate: false repositories: /WEB-INF/classes/ -- Parent Classloader: [EMAIL PROTECTED] WEB-INF java.lang.ClassNotFoundException: WEB-INF at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1332) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1181) at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1027) at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:750) at org.apache.catalina.servlets.InvokerServlet.serveRequest(InvokerServlet.java:369) at org.apache.catalina.servlets.InvokerServlet.doGet(InvokerServlet.java:133) at javax.servlet.http.HttpServlet.service(HttpServlet.java:689) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672) at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:463) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301) 09:22:57,269 [[/app].log 665] ERROR - invoker: Cannot allocate servlet instance for path /app/WEB-INF/jsp/HelloWorld.jsp javax.servlet.ServletException: Wrapper cannot find servlet class WEB-INF or a class it depends on at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1035) at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:750) at org.apache.catalina.servlets.InvokerServlet.serveRequest(InvokerServlet.java:369) at org.apache.catalina.servlets.InvokerServlet.doGet(InvokerServlet.java:133) at javax.servlet.http.HttpServlet.service(HttpServlet.java:689) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672) at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:463) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301) ... Most of the discussions I have read are either old or pertaining to securing them via authentication/authorization but I do not want a user to be able to enter a URL containing a JSP page under any conditions. Any suggestions on how I can hide my JSP pages? Thanks, Wes.
Re: Hiding JSP Pages
On Fri, Jun 13, 2008 at 8:06 AM, W Strater [EMAIL PROTECTED] wrote: I am trying to hide the JSP so they can only be accessed via a forward. I have been able to put them in a subdirectory of WEB-INF using other containers but have not been able to do that with Tomcat 5.5. That /is/ the correct approach. /WEB-INF/classes/HelloWorld.class If that's literal, it's wrong -- your classes need to be in a package. I get the following errors: 09:22:57,253 [[/app].log 636] INFO - Marking servlet org.apache.catalina.INVOKER.WEB-INF as unavailable Are you trying to use the invoker servlet? -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]