阻止用户访问.jsp，除非转发 [英] Prevent users from accessing .jsp except by forwarding

问题描述

我有一个使用java技术的MVC网站。我有一些.jsp，当通过适当的servlet路由到正常工作，但直接访问似乎不起作用。我想阻止我的用户直接寻址.jsps。

I have a MVC website with java technologies. I have a number of .jsp which when routed to via proper servlets work fine, but when accessed directly appear not to work. I want to prevent my users from direct addressing the .jsps.

这是他们可以使用 www.url.com/Website/MyServlet ，然后将它们转发到 www.url.com/Website/MyServlet.jsp ，但我想阻止它们直接寻址到 www.url.com/Website/MyServlet.jsp 因为 HttpServletRequest 将缺少属性并且无法正确显示。当然这必须是常见的做法？我如何帮助这个，我可以编写一个映射，将所有* .jsp重定向到未找到的除非它是一个转发吗？

That is they can use www.url.com/Website/MyServlet, which would then forward them to www.url.com/Website/MyServlet.jsp, but I want to prevent them from direct addressing towww.url.com/Website/MyServlet.jsp since the HttpServletRequest will be missing attributes and will not display correctly. Surely this must be common practice? How do I accomplice this, can I write a mapping which redirects all *.jsp to not founds unless it is a forward?

我打赌我可以编写一个选择的过滤器向上映射到* .jsp的所有非FORWARD指令（INCLUDE REQUEST等）并为它们发送404但我认为必须有一个更有效的方法吗？有人有任何建议吗？

I bet I could write a filter that picks up all non FORWARD directives (INCLUDE REQUEST etc) mapped to *.jsp and send 404 for them but Im thinking there must be a eaisier way? Anyone have any suggestions?

推荐答案

将它们放入 / WEB-INF 文件夹并相应地更改转发路径。

Put them in /WEB-INF folder and change the forward paths accordingly.

request.getRequestDispatcher("/WEB-INF/MyServlet.jsp").forward(request, response);

/ WEB-INF 中的文件（和 / META-INF ）文件夹无法公开访问。

Files in /WEB-INF (and /META-INF) folder are not publicly accessible.

这篇关于阻止用户访问.jsp，除非转发的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！