I'm using struts 1.3 for my application and all jsp pages are forwarded through controller (action class). But If I access the jsp page directly, I'm able to access it. How do I prevent this?
相关问题
- Delete Messages from a Topic in Apache Kafka
- Jackson Deserialization not calling deserialize on
- How to maintain order of key-value in DataFrame sa
- StackExchange API - Deserialize Date in JSON Respo
- Difference between Types.INTEGER and Types.NULL in
put all your jsp-s inside WEB-INF folder (for example in WEB-INF/jsp folder) and dont forget to change your mapping regarding location of jsp-s.
I think the best option would be to put your web pages in the WEB-INF folder - that way they won't be directly accessible but then in your servlets you can have something like:
Taken from: http://netbeans.org/kb/docs/javaee/ecommerce/page-views-controller.html
You can use filters and restrict the request with url which ask for .jsp pages and only allow requests which ask for .do
Filters are used to bypass or interrupt the requests , so use the filters to restrict the request , if it not contains .do in url. Below is the good tutorial for filters
Filters