|
Hi,
We are using MVC architecture in our project with
j2ee 1.2.
We have a Front Controller which is the only access
points for various modules.
This front controller performs all the
authentication and authorization checks.
If the user is authorized it gives access to the
requested resource (lets say a jsp).
Since there are no
authentication/authorization checks in the jsp, anybody who somehow comes
to know of the url of a jsp can access the jsp.
Is there anyway (preferably declarative) to make
the jsp's inaccessible when accessed directly.
They should ofcourse still work when request is
forwarded from the controller servlet.
Thanks & Regards
Rahul
|
- Re: Restricting direct access of jsp's Rahul
- Re: Restricting direct access of jsp's S Srinivas Nayak
- Re: Restricting direct access of jsp's Dror Matalon
- Re: Restricting direct access of jsp's Pramod Nair
- Re: Restricting direct access of jsp's Katz Guy
- Re: Restricting direct access of jsp's Patrick Melli
- Re: Restricting direct access of jsp's Vikramjit Singh
