Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

should global forward be handled by action forward?

 
Tony Smith
Ranch Hand
Posts: 229
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Seems like via global forward you can just define:

<forward name="logon" path="/logon.jsp"/>

and <html:link name="logon"/> should take you to logon.jsp.

But sometimes I see people do extra step of having:

<forward name="logon" path="/logon.do"/>

and essentially /logon.do doesn't do anything except also forward to logon.jsp. Is there any reason that you should involve action with this kind of simple forward?
 
Merrill Higginson
Ranch Hand
Posts: 4864
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It is considered a best practice to "hide" JSP files from the user, meaning never show a URL that directly references a JSP file. In fact it is a good idea to add a secuirty constraint to the web.xml file such that it isn't even possible to access a JSP file directly.

There are a number of reasons for this. One is that you don't want a potential hacker to know the file structure of your website. Another is that even though you currently have no processing that has to occur before the login.jsp page is displayed, you may want to add some later. If the user has bookmarked the JSP page, the link will fail.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic