I think the confusion arose because you said "hitting JSP pages
directly", which isn't really what you meant.
Why does the session checker come last? Wouldn't it make more sense
for it to come really early in the process? Is the behavior the same
if you move the session check to be first or second
l peuvent facilement
être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité
pour le contenu fourni.
> Date: Fri, 8 Apr 2011 21:12:24 -0400
> From: d...@homeport.org
> To: user@struts.apache.org
> CC: stanl...@gmail.com
> Subject: Re: Wildcard pattern not c
You completely missed the point of my posting, and what was going on. Had
you bothered looking at the results below, you would have seen, in fact,
the WEB-INF is storing my jsps...
/WEB-INF/jsp/public/{1}.jsp
I am not, in fact, accessing them directly.
I'm trying, in fact, to make sure an in
You should never allow JSP pages to be accessed directly. Place them behind
WEB-INF and your problem goes away.
On Thu, Apr 7, 2011 at 8:46 PM, Dave Shevett wrote:
> I have an app that uses a generic interceptor on all action calls to verify
> if the session is active, and if it isn't, it retur
I have an app that uses a generic interceptor on all action calls to
verify if the session is active, and if it isn't, it returns
'notloggedin', which I have a global result for.
This works -great-, except for one of my actions, which is a generic
loader for JSP's.
The interceptor definition
5 matches
Mail list logo