Win a copy of Learn Spring Security (video course) this week in the Spring forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Restrict JSP Page

 
Nithish Yalamanchili
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hai All

I want restrict external users/programmers to access a JSP Page i.e. in Webserver with the direct URL like
http://localhost:8080/App/index.jsp .

The solution i need is if we type above URL in browser it should not be accessed.. Waiting for replies...

Thanks in Advance.
Nithish Yalamanchili
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you put your JSPs somewhere under WEB-INF they will not be directly accessible from the web.
 
Nithish Yalamanchili
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the reply.

I have created a folder under WEB-INF/jsp and placed the index.jsp. Iam redirecting this jsp page from servlet using
res.sendRedirect("/jsp/index.jsp") , when i run this example the server is giving an error
HTTP Status 404 - /jsp/index.jsp

--------------------------------------------------------------------------------

type Status report

message /jsp/index.jsp

description The requested resource (/jsp/index.jsp) is not available.


--------------------------------------------------------------------------------

Apache Tomcat/5.0.28

How to over come this.

Nithish
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That's because redirects involve direct access between the resource and the browser.

A redirect works by sending a 30x header and a location header to the browser.
Once received, the browser makes a new request for resource.
Because, in your case, the resource is not available for direct access to the web, a 404 error is thrown.

Using RequestDispatcher.forward on the other hand is something that takes place, entirely, on the server. You might want to look into that and see if it will suite your needs.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic