in web.xml
<filter>
<filter-name>NotFound</filter-name>
<filter-class>com.scc.sw.swhtml.filter.NotFound</filter-class>
</filter>
<filter-mapping>
<filter-name>NotFound</filter-name>
<url-pattern>*.jsp</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
public class NotFound implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletResponse r = (HttpServletResponse) response;
r.sendError(HttpServletResponse.SC_NOT_FOUND);
}
public void destroy() {
}
}
janw пишет:
Hello,
I use myfaces with JSPs on Tomcat 5.5.17, the MyFaces extensionsFilter maps
to *.jsf.
How do I restrict the access to my *.jsp files?
Now, when the user enters in the url:
http://myserver.com/mywebapp/login.jsp
Tomcat prints on the screen something like
org.apache.jasper.JasperException: Exception in JSP: /login.jsp:16
followed by the stacktrace. I don't want this internal information to be
printed out.
How can I prevent the access?
Regards,
Jan
Extracts from my web.xml:
<filter-mapping>
<filter-name>extensionsFilter</filter-name>
<url-pattern>*.jsf</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>extensionsFilter</filter-name>
<url-pattern>/faces/*</url-pattern>
</filter-mapping>
<servlet>
<filter>
<filter-name>extensionsFilter</filter-name>
<filter-class>org.apache.myfaces.component.html.util.ExtensionsFilter</filter-class>
<init-param>
<description>Set the size limit for uploaded files. Format: 10 - 10 bytes
10k - 10 KB
10m - 10 MB 1g - 1 GB</description>
<param-name>uploadMaxFileSize</param-name>
<param-value>100m</param-value>
</init-param>
<init-param>
<description>Set the threshold size - files below this limit are stored
in memory,
files above this limit are stored on disk. Format: 10 - 10 bytes 10k
-
10 KB 10m - 10 MB 1g - 1 GB</description>
<param-name>uploadThresholdSize</param-name>
<param-value>100k</param-value>
</init-param>
</filter>
