Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes JSP and the fly likes Restrict JSP Page Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Soft Skills this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Restrict JSP Page" Watch "Restrict JSP Page" New topic
Author

Restrict JSP Page

Nithish Yalamanchili
Greenhorn

Joined: Aug 16, 2007
Posts: 24
Hai All

I want restrict external users/programmers to access a JSP Page i.e. in Webserver with the direct URL like
http://localhost:8080/App/index.jsp .

The solution i need is if we type above URL in browser it should not be accessed.. Waiting for replies...

Thanks in Advance.
Nithish Yalamanchili
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

If you put your JSPs somewhere under WEB-INF they will not be directly accessible from the web.


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Nithish Yalamanchili
Greenhorn

Joined: Aug 16, 2007
Posts: 24
Thanks for the reply.

I have created a folder under WEB-INF/jsp and placed the index.jsp. Iam redirecting this jsp page from servlet using
res.sendRedirect("/jsp/index.jsp") , when i run this example the server is giving an error
HTTP Status 404 - /jsp/index.jsp

--------------------------------------------------------------------------------

type Status report

message /jsp/index.jsp

description The requested resource (/jsp/index.jsp) is not available.


--------------------------------------------------------------------------------

Apache Tomcat/5.0.28

How to over come this.

Nithish
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

That's because redirects involve direct access between the resource and the browser.

A redirect works by sending a 30x header and a location header to the browser.
Once received, the browser makes a new request for resource.
Because, in your case, the resource is not available for direct access to the web, a 404 error is thrown.

Using RequestDispatcher.forward on the other hand is something that takes place, entirely, on the server. You might want to look into that and see if it will suite your needs.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Restrict JSP Page