• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Junilu Lacar
  • Liutauras Vilda
Sheriffs:
  • Paul Clapham
  • Jeanne Boyarsky
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Piet Souris
  • Carey Brown
Bartenders:
  • Jesse Duncan
  • Frits Walraven
  • Mikalai Zaikin

Primefaces inside web-inf

 
Ranch Hand
Posts: 69
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I have a simple.xhtml page inside WEB-INF folder. I am using PrimeFaces

When I run the application and go to that page, It only shows the text "This is Editor:",
But when I place the same page outside the WEB-INF folder then it show the primeface editor.

Is primefaces tags are not accessible inside WEB-INF folder?
 
Ranch Hand
Posts: 426
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Pages should never be inside WEB-INF I think...you can use a filter to protect those pages instead..
This is just what I think..
 
Saloon Keeper
Posts: 25656
183
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The rule is that anything you need to access by a URL cannot be places in WEB-INF, because WEB-INF and its contents are invisible as URL resources. So you can place Facelets include files under WEB-INF, since they're accessed as resources, but the top-level page resources have to be external to WEB-INF, since you use URLs to select them for JSF processing.

There are several ways to make the raw resources off-limits. If you are using standard J2EE container security, just write a security rule in WEB-INF/web.xml to block access to "*.xhtml". That will give a 403 FORBIDDEN. If you prefer a 404 NOT FOUND, you can write a small servlet, map it to "*.xhtml" and have it return a 404 response code for anything sent to it.

A servlet filter can also do the job. The main disadvantage to the filter approach is that if you make a mistake, it can have an impact on other URL requests as well as URLs ending in ".xhtml".
 
pie. tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic