I am using stuts 1.1 and a filter that traps all requests of type *.jsp. So basically i want to stop any access to *.jsp from the client. However, when i use struts and do a
forward internally from the action class to a .jsp, this filter is getting invoked...which i thought shudnt happen!
so what is the workaround? is there a way to check that the request is a forwarded request and not from client?
If you put all your jsp's under WEB-INF.
For example WEB-INF/jsp.
Than the jsp's can't be called directly by the client.
And in de struts you just call : path="/WEB-INF/jsp/......jsp"
The servlet 2.3 spec does not clearly specify what kind of requests should be filtered. For example Tomcat 4.x filters only the requests comming from the client, the internal forwards are not filtered. Other 2.3 web servers filter all the requests. However, the servlets 2.4 solves this isssue by specifying what kind of requests must be filtered:
The dispatcher element can have one of the values: REQUEST, FORWARD, INCLUDE and ERROR.
Best regards. Mircea
Thanks this is nice to know that there so many things to J2EE!!
well then do u know of any workaround? is there a way i can check in the filter that the request is not from the client?
Unfortunatelly I don't know a clean solution to this problem.However, you could switch to Tomcat 5 which is servlet 2.4 compliant.
Best rehgards, Mircea
I used filter for removing the duplicate clicks (Duplicate click means when user clicks button continuosly for some time, first click is valid click and other are as duplicate clicks.).
The filters doFilter() method is get called while request processing and for resonse also. I want to activate the filter only while processing requests and not the resopnses.
suggest the ways.