hi,
how can one deny access to a certain JSP directly from a web browser? i don't want users to be able to access a JSP by typing its URL in their browser.
thanks
-
Deny access to a certain JSP (2 messages)
- Posted by: igorko stajpus
- Posted on: December 11 2003 07:17 EST
Threaded Messages (2)
- Deny access to a certain JSP by stephen smithstone on December 11 2003 08:19 EST
- Deny access to a certain JSP by Mathieu Gamache on December 18 2003 08:29 EST
-
Deny access to a certain JSP[ Go to top ]
- Posted by: stephen smithstone
- Posted on: December 11 2003 08:19 EST
- in response to igorko stajpus
hi,
> how can one deny access to a certain JSP directly from a web browser? i don't want users to be able to access a JSP by typing its URL in their browser.
>
> thanks
place the jsp pages under the WEB-INF directory then map some urls to the jsp pages -
Deny access to a certain JSP[ Go to top ]
- Posted by: Mathieu Gamache
- Posted on: December 18 2003 08:29 EST
- in response to igorko stajpus
You can avoid all issues if your users do not know the URLs to your JSPs as it was mentioned in the previous response.
Otherwise you can use javascript to disable the Address bar upon access your app but this can easily be overcomed if the user really wan't to access the JSPs directly.
Finally, if you are concerned about security, you can secure access to certain pages or access paths using JAAS or J2EE Application Security if your server supports it.
Mathieu