This week's book giveaways are in the Refactoring and Agile forums.
We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line!
See this thread and this one for details.
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

help me with struts

 
k mut
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
what if a user types in the direct jsp page into the browser www.xamplesite.com/xample.jsp

No STRUTS action will be called, so that wont work.
how can i take care of it.I doesn't want to go thru menu.
nothing need to be submitted in that jsp page
just i need to call the struts action that gets datas from database, so the user will get updated information and the i wont verify any authentication for user this is just for some known user.
 
Gregg Bolinger
GenRocket Founder
Ranch Hand
Posts: 15302
6
Chrome IntelliJ IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How about asking Struts questions in the Struts forum. I'll move this over there.
 
Mark Blackledge
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by k mut:
what if a user types in the direct jsp page into the browser www.xamplesite.com/xample.jsp

No STRUTS action will be called, so that wont work.
how can i take care of it.


To prevent the user from accessing the JSP page directly, place the JSP page in a location that the users have no access to. For example, /WEB-INF/JSP/xample.jsp.
 
Hendy Setyo Mulyo
Ranch Hand
Posts: 219
Firefox Browser Java Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by k mut:
what if a user types in the direct jsp page into the browser www.xamplesite.com/xample.jsp

No STRUTS action will be called, so that wont work.
how can i take care of it.I doesn't want to go thru menu.
nothing need to be submitted in that jsp page
just i need to call the struts action that gets datas from database, so the user will get updated information and the i wont verify any authentication for user this is just for some known user.


hello,
to prevent it, you can change the url-pattern at the web.xml to *.jsp (usually *.do), so if there is an url that try to access jsp page, it should be processed through the ActionServlet.

web.xml
=======
<servlet>
<servlet-name>action</servlet-name>
<servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
<init-param>
<param-name>config</param-name>
<param-value>/WEB-INF/struts-config.xml</param-value>
</init-param>
<init-param>
<param-name>debug</param-name>
<param-value>2</param-value>
</init-param>
<init-param>
<param-name>detail</param-name>
<param-value>2</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>action</servlet-name>
<url-pattern>*.jsp</url-pattern>
</servlet-mapping>

Hope it helps


Hendy Setyo Mulyo
 
k mut
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i will try this out
thankyou
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic