File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Struts and the fly likes Restricting access to the view (JSPs) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Restricting access to the view (JSPs)" Watch "Restricting access to the view (JSPs)" New topic

Restricting access to the view (JSPs)

Todd Johnson
Ranch Hand

Joined: Sep 03, 2005
Posts: 61
I'm working on my first STRUTS project. I have done some MVC web apps before. Typically I would have my controller servlet put a boolean on the request before forwarding it to my JSPs. My JSPs would check for that boolean to be there. If it wasn't there, the JSP would know that the user pointed their browser at the JSP instead of being forwarded to the JSP by the controller. In that case I would just forward them back to some "safe" place.

I'd like to do the same thing in struts, but the only way I can think to do it is to extend strut's action servlet. However, from what I have read, this is a bad idea. Is there another alternative that I am missing?

Mark Blackledge

Joined: Nov 04, 2005
Posts: 5
Yes, put your JSP files somewhere under your WEB-INF directory. Then the users have no access to them and you don't have any extra work.
I agree. Here's the link:
subject: Restricting access to the view (JSPs)
It's not a secret anymore!