David Durham wrote:
Chuck Chopp wrote:
I have a welcome file named "index.jsp". I'm questioning if it should be
forwarding to the JSP file "login.jsp" [which I want to protect from direct
access from the browser] or should it be forwarding to the action named
"login" [or would it be "login.do"]?
If you're going to protect a JSP from direct access, one good way is to put the JSP inside the WEB-INF and then have an action do a forward to that JSP (presumably after a security check).
I did that. Specifically, I have a subfolder named "form" under the "WEB-INF" folder. I placed my protected JSP files in there. My index.jsp file [the welcome file] used the "logic:forward" tag to forward to an action named "login", and the "login" action uses my protected "login.jsp" and the corresponding ActionForm & Action classes. What I found is that on WinXP running Tomcat v4.1.30 & NetWare v6.5 running Tomcat v4.1.28, the webapp deployed & ran properly. However, Tomcat v4.1.24 running on OpenVMS Alpha v7.3-1 refuses to compile my JSP files that are in a subfolder under "WEB-INF". This really threw me for a loop and I've been trying to discover why this is happening. Needless to say, when I take code that was already working in one Tomcat implementation and it suddenly stops working in another implementation of a comparable version [keeping the JDK constant at v1.4.2], it leaves me confused.
-- Chuck Chopp
ChuckChopp (at) rtfmcsi (dot) com http://www.rtfmcsi.com
RTFM Consulting Services Inc. 864 801 2795 voice & voicemail 103 Autumn Hill Road 864 801 2774 fax Greer, SC 29651
Do not send me unsolicited commercial email.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
