• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Liutauras Vilda
  • Paul Clapham
  • paul wheaton
Sheriffs:
  • Tim Cooke
  • Devaka Cooray
  • Rob Spoor
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:

Primefaces inside web-inf

 
Ranch Hand
Posts: 69
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I have a simple.xhtml page inside WEB-INF folder. I am using PrimeFaces

When I run the application and go to that page, It only shows the text "This is Editor:",
But when I place the same page outside the WEB-INF folder then it show the primeface editor.

Is primefaces tags are not accessible inside WEB-INF folder?
 
Ranch Hand
Posts: 426
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Pages should never be inside WEB-INF I think...you can use a filter to protect those pages instead..
This is just what I think..
 
Saloon Keeper
Posts: 27478
195
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The rule is that anything you need to access by a URL cannot be places in WEB-INF, because WEB-INF and its contents are invisible as URL resources. So you can place Facelets include files under WEB-INF, since they're accessed as resources, but the top-level page resources have to be external to WEB-INF, since you use URLs to select them for JSF processing.

There are several ways to make the raw resources off-limits. If you are using standard J2EE container security, just write a security rule in WEB-INF/web.xml to block access to "*.xhtml". That will give a 403 FORBIDDEN. If you prefer a 404 NOT FOUND, you can write a small servlet, map it to "*.xhtml" and have it return a 404 response code for anything sent to it.

A servlet filter can also do the job. The main disadvantage to the filter approach is that if you make a mistake, it can have an impact on other URL requests as well as URLs ending in ".xhtml".
 
You learn how to close your eyes and tell yourself "this just isn't really happening to me." Tiny ad:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic