| Author |
Protecting direct access to JSP pages
|
Reema Patel
Ranch Hand
Joined: Jan 26, 2006
Posts: 169
|
|
Hello All,
I'm new to JSF framework.
One of the strange things I noticed about JSF is that while I try to access the JSP pages directly (with .jsp extension) I get a NullPointerException. It works as expected when I access the JSP pages with .faces extension. Whay is that so?
I read somewhere that this can be countered by using the security-constraint tag in web.xml file.
Thanks,
Reema
|
 |
Paul Speijers
Greenhorn
Joined: Apr 10, 2005
Posts: 8
|
|
Hi Reema,
When you access your JSF pages using the .jsp extension your files get interpreted as JSP pages. Therefore, you get a nullpointer exception because the JSF elements are not recognized.
You probably have the following servlet definition and mapping in your WEB-INF/web.xml:
<!-- Faces Servlet -->
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- Faces Servlet Mapping -->
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
This means that when an URL is encountered which ends with .faces, it is being handled by the Faces Servlet, which interprets the corresponding .jsp file as being a JSF file. Therefore, that does work.
Good luck!
|
|
Reema Patel
Ranch Hand
Joined: Jan 26, 2006
Posts: 169
|
|
Paul said:
........you get a nullpointer exception because the JSF elements are not recognized.
This sounds apt. But, I do have the taglib definitions at the top of each JSP view. I believe everything inside the JSP page has to to with h and f tag libraries.
--Reema
|
|
 |
|
|
subject: Protecting direct access to JSP pages
|
|
|
0
