aspose file tools*
The moose likes Servlets and the fly likes securing resources in webcontent except for css and javascript. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "securing resources in webcontent except for css and javascript." Watch "securing resources in webcontent except for css and javascript." New topic
Author

securing resources in webcontent except for css and javascript.

John Robert
Ranch Hand

Joined: Jun 17, 2008
Posts: 39
Ranchers,
I am writing a new web application in websphere 7. My webcontent has jsps, css and javasript files. I do not want to allow the user to directly access the content here like when they type
http://locahost:9081/TestApp i want to redirect the user to my servlet(bascially I want to redirect the user to my default servlet, other than if the request is for css or javascript). I am a little lost here. Basically the authentication is done in my servlet, so untill the control gets to my servlet, i have no way of knowing if the user is authenticated.

I would appreciate if anyone can throw some light on this,

Thanks.
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18564
    
    8

I don't understand the problem here. What do the CSS and javascript files have to do with authentication?
John Robert
Ranch Hand

Joined: Jun 17, 2008
Posts: 39
Paul Clapham wrote:I don't understand the problem here. What do the CSS and javascript files have to do with authentication?
.
I am a little new to web apps,
may be I dint put the question right. I will try again. If I put a mapping in web.XML saying forward any request to my one servlet, what would happen when a request comes for JavaScript or Css file? My servlet dispatches the request to a jsp. The jsp has javasript and css files linked( the javasript is in a file outside the jsp).When the browser tries to retrive the JavaScript file , would it get back the JavaScript file or would it get forwarded to the servlet because I said in my web.XML forward any request to this servlet?
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18564
    
    8

John Robert wrote:If I put a mapping in web.XML saying forward any request to my one servlet, what would happen when a request comes for JavaScript or Css file?

This request would be directed ("forwarded" isn't the right word, that refers to something else) to that one servlet. If the request is for a URL ending in ".css" or ".js", or ".html", or whatever else, just forward the request to that resource. Otherwise do your authentication and so on. At least that's what I did; this question isn't specific to Websphere, it applies to anything using the servlet spec, so I'm going to move the question to the Servlets forum. It might get a better answer there.

(By the way this sort of thing is normally done in a filter these days, rather than a front controller servlet.)
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61191
    
  66

Use a filter, not a mapping.

[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
John Robert
Ranch Hand

Joined: Jun 17, 2008
Posts: 39
Olk I will look into filters and use it. Thanks for the help.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: securing resources in webcontent except for css and javascript.