aspose file tools*
The moose likes Servlets and the fly likes Legacy System with Protected JSP Above WEB-INF Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Legacy System with Protected JSP Above WEB-INF" Watch "Legacy System with Protected JSP Above WEB-INF" New topic
Author

Legacy System with Protected JSP Above WEB-INF

Alec Lee
Ranch Hand

Joined: Jan 28, 2004
Posts: 569
Putting JSP inside WEB-INF will protect them from direct client access. However, we have a legacy system which put all JSPs above WEB-INF. What are the best strategies to make sure these JSP cannot be accessed directly - assuming the URLs to them cannot be made secret.
Paul Bourdeaux
Ranch Hand

Joined: May 24, 2004
Posts: 783
Just a couple of guesses, because I haven't had to do this before, but I would try using a Filter, or maybe constraining the JSPs in the web.xml...


“Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.” - Rich Cook
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Legacy System with Protected JSP Above WEB-INF
 
Similar Threads
Help with question on Legacy Connectivity and Common Architecture
Can't execute jsp file
preventing direct access to jsp pages
Where to put jar files
JSP/HTML files in WEB-INF