hihi, i have gotten into the habit of precompiling my jsps and then obfuscating everything. while not 100% bullet-proof (but then again, nothing is in theory), i think this is a reasonably decent solution for source security.
woodchuck --- "Shapira, Yoav" <[EMAIL PROTECTED]> wrote: > > Hi, > > >When Tomcat receives a request for .jsp page, isn't the first order > of > >business to compare the date of the .jsp page against the .java file > in > >the working directory, so Tomcat knows whether to re-translate and > >compile the .jsp page? > > For normal JSP pages, but not for pre-compiled ones. Those are > defined > in web.xml and don't go through the JSP servlet: they are normal > servlets, not subject to Jasper manipulation. So what this user is > trying to do (precompile to avoid giving customers JSP source code) > is > technically possible and has valid use-cases. I've helped customers > do > the same thing. > > Yoav Shapira http://www.yoavshapira.com > > > > > This e-mail, including any attachments, is a confidential business > communication, and may contain information that is confidential, > proprietary and/or privileged. This e-mail is intended only for the > individual(s) to whom it is addressed, and may not be saved, copied, > printed, disclosed or used by anyone else. If you are not the(an) > intended recipient, please immediately delete this e-mail from your > computer system and notify the sender. Thank you. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > __________________________________ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
