阻止用户访问.jsp,除非转发 [英] Prevent users from accessing .jsp except by forwarding
问题描述
我有一个使用java技术的MVC网站。我有一些.jsp,当通过适当的servlet路由到正常工作,但直接访问似乎不起作用。我想阻止我的用户直接寻址.jsps。
I have a MVC website with java technologies. I have a number of .jsp which when routed to via proper servlets work fine, but when accessed directly appear not to work. I want to prevent my users from direct addressing the .jsps.
这是他们可以使用 www.url.com/Website/MyServlet
,然后将它们转发到 www.url.com/Website/MyServlet.jsp
,但我想阻止它们直接寻址到 www.url.com/Website/MyServlet.jsp
因为 HttpServletRequest
将缺少属性并且无法正确显示。当然这必须是常见的做法?我如何帮助这个,我可以编写一个映射,将所有* .jsp重定向到未找到的除非它是一个转发吗?
That is they can use www.url.com/Website/MyServlet
, which would then forward them to www.url.com/Website/MyServlet.jsp
, but I want to prevent them from direct addressing towww.url.com/Website/MyServlet.jsp
since the HttpServletRequest
will be missing attributes and will not display correctly. Surely this must be common practice? How do I accomplice this, can I write a mapping which redirects all *.jsp to not founds unless it is a forward?
我打赌我可以编写一个选择的过滤器向上映射到* .jsp的所有非FORWARD指令(INCLUDE REQUEST等)并为它们发送404但我认为必须有一个更有效的方法吗?有人有任何建议吗?
I bet I could write a filter that picks up all non FORWARD directives (INCLUDE REQUEST etc) mapped to *.jsp and send 404 for them but Im thinking there must be a eaisier way? Anyone have any suggestions?
推荐答案
将它们放入 / WEB-INF
文件夹并相应地更改转发路径。
Put them in /WEB-INF
folder and change the forward paths accordingly.
request.getRequestDispatcher("/WEB-INF/MyServlet.jsp").forward(request, response);
/ WEB-INF
中的文件(和 / META-INF
)文件夹无法公开访问。
Files in /WEB-INF
(and /META-INF
) folder are not publicly accessible.
这篇关于阻止用户访问.jsp,除非转发的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!