I have some html clients created by some very old cgis posting data to a JSP/servlet. Now this JSP/servlet is open to the entire world, but I want only those certain cgis to be able to post to it. In other words, I don't want users to create their own forms and post my jsp/servlet. The clients can only be the clients that reside on machine. Its very important that this doesn't happen. Does anyone know if there is a way to identity to client in jsp or stop others from posting to your servlet in JSP.
You can use a simple filter to identify the clients and stop to access those jsps you want to protect
Joined: Mar 18, 2005
I'm lost. I know there is someway to filter. There has to be logically. But I guess I just don't know enough to do it. Thats why I came to the big guns for help. For instance http://myserver.com/test.jsp post to http://myserver.com/test2Res.jsp. Logic distates for me to parse the string of the server veriable (if there is such a variable) to tell me the identity (http://myserver.com/test.jsp ) of the object posting to my response page to see if its a legal client. But does java provide me with a mechanism for doing this?
What is meant by filtering the request is you need to implement a ServletFilter and (through the web.xml file) force anything that calls that servlet to pass through it first. Also look in the request object for methods that will help you do this. You need to google ServletFilter to find out more about implementing these....
No more rhymes! I mean it!<br /> <br />Does anybody want a peanut?