Yes, I have the question. For example, I want to block all JSPs includeing subfolders, eg
/index.jsp /subfolder/1.jsp can I go something like **/*.jsp (similar to Ant)? Keith -----Original Message----- From: Dave J Dandeneau [mailto:[EMAIL PROTECTED]] Sent: Thursday, 28 February 2002 10:59 a.m. To: Struts Users Mailing List Subject: RE: changing from *.do to /do/* screws up everything? Can url-patterns be when more complicated than *.jsp when restricting access to pages. I have used *.jsp and *.do, but can you add more complex expressions? What syntax do you use when adding these? In example, what might be the syntax to restrict all pages but a login page? or maybe the index page? maybe something like ((*.jsp) && !(index.jsp))? Thanks, dave -----Original Message----- From: Robert [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 3:51 PM To: 'Struts Users Mailing List' Subject: RE: changing from *.do to /do/* screws up everything? Figures. Then I suppose you could have an index.jsp and deny all other .jsps... Or maybe have the index page do a redirect to the index.do. Maybe not as clean or elegant, but would work. -----Original Message----- From: Joćo Guilherme Del Valle [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 2:44 PM To: Struts Users Mailing List Subject: Re: changing from *.do to /do/* screws up everything? I don“t know about the spec, but at least Tomcat *does not* accept this solution. I haven“t tried with a servlet, but an action doesn“t work. Maybe because the name of the tag in web.xml is welcome-file-list, it“s must be either a tag that accepts only files or a semantic problem in the spec. Joao Guilherme Del Valle [EMAIL PROTECTED] Visionnaire Informįtica SA http://www.visionnaire.com.br Tel/Fax: +55 41 373-7400 r: 221 Curitiba / PR / Brasil ----- Original Message ----- From: "Robert" <[EMAIL PROTECTED]> To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]> Sent: Wednesday, February 27, 2002 5:36 PM Subject: RE: changing from *.do to /do/* screws up everything? > You could set up index.do as a 'welcome page'; but then it would depend > on if the server would try to load this as a 'page' or via a URL which > Struts would then pickup and handle. > > Not sure if that would work, but that's a though. > > Robert > > -----Original Message----- > From: Eddie Bush [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, February 27, 2002 2:26 PM > To: Struts Users Mailing List > Subject: Re: changing from *.do to /do/* screws up everything? > > Yes, but will that not demand that your index page be a HTML file rather > than JSP? If you have an index page that has dynamic pieces as well as > static ones - or uses, say, templates (struts templates that is), you've > just shot yourself in the foot, haven't you? > > Additional Thoughts, > > Eddie > > ----- Original Message ----- > From: "Keith Chew" <[EMAIL PROTECTED]> > To: "Struts Users Mailing List" <[EMAIL PROTECTED]> > Sent: Wednesday, February 27, 2002 2:21 PM > Subject: RE: changing from *.do to /do/* screws up everything? > > > > > > An alternative to putting it in the WEB-INF is to use Apache to filter > the > > request, eg: > > > > <Location /*.jsp> > > Deny from all > > </Location> > > > > This has the advantage of: > > - if you decide not to disallow JSPs, you can > > - when you are developing, it's often handy to view the JSPs without > going > > through the actions first (eg want to see if your table looks ok) > > > > Some thoughts > > Keith > > > > -----Original Message----- > > From: Eddie Bush [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, 28 February 2002 7:44 a.m. > > To: Struts Users Mailing List > > Subject: Re: changing from *.do to /do/* screws up everything? > > > > > > Ok, silly question time. Why would you want to put your pages under > > WEB-INF? Honestly, I don't see why you would, but ... I'm hardly a > 'guru'. > > > > Thanks, > > > > Eddie > > > > ----- Original Message ----- > > From: "Rob Breeds" <[EMAIL PROTECTED]> > > To: "Struts Users Mailing List" <[EMAIL PROTECTED]> > > Sent: Wednesday, February 27, 2002 11:58 AM > > Subject: Re: changing from *.do to /do/* screws up everything? > > > > > > > > > > Thanks for suggestion but I can't use <html:base> because all my > JSPs > are > > > under WEB-INF\pages > > > > > > Putting <html:base/> in will cause images (and any relative urls) to > have > > > URLs of > > > <img src="WEB-INF/pages/images/find_obj.gif"> > > > > > > which is even worse (doesn't work at all) and defeats the point of > putting > > > pages under WEB-INF! > > > > > > > > > Rob > > > > > > > > > > > > > > > |--------+-------------------------> > > > | | Bryan | > > > | | Field-Elliot | > > > | | <bryan_lists@ne| > > > | | tmeme.org> | > > > | | | > > > | | 27/02/2002 | > > > | | 17:49 | > > > | | Please respond | > > > | | to "Struts | > > > | | Users Mailing | > > > | | List" | > > > | | | > > > |--------+-------------------------> > > > > > > >----------------------------------------------------------------------- > ---- > > --------------------------------------------| > > > | > > | > > > | To: Struts Users Mailing List > > <[EMAIL PROTECTED]> > > | > > > | cc: > > | > > > | Subject: Re: changing from *.do to /do/* screws up > > everything? | > > > | > > | > > > | > > | > > > > > > >----------------------------------------------------------------------- > ---- > > --------------------------------------------| > > > > > > > > > > > > > > > Put this inside the <head> block of all your JSP pages: > > > > > > <html:base/> > > > > > > Here is a URL to the docs for this tag: > > > > > > http://jakarta.apache.org/struts/doc-1.0.2/struts-html.html#base > > > > > > It solves exactly this problem. > > > > > > Bryan > > > > > > On Wed, 2002-02-27 at 10:39, Rob Breeds wrote: > > > > Hi > > > > > > > > I hope this is me being dumb but I have a working Struts > application > > that > > > > uses a *.do servlet mapping for ActionServlet > > > > > > > > Because I found that the servlet spec doesn't allow partial URL > mappings > > > > for security (eg. I can't specify a url-mapping of '/pub*'), I > must > now > > > > change my app to use /do/* > > > > > > > > Seems like a fine idea, and Ted says its cool :) > > > > > > > > So, I changed the servlet mapping to '/do/*' and references to > '*.do' > in > > > my > > > > JSPs. > > > > > > > > Now my app sort of works but all relative links are now broken - > CSS, > > > > images, JavaScript files > > > > > > > > e.g. I have a URL of '<rest of path>/do/header' and this is > specified > in > > > > the config file as: > > > > > > > > <action path="/header" > forward="/WEB-INF/pages/header.jsp"/> > > > > > > > > The page loads OK but the JSP references images like this: > > > > > > > > <img src="images/find_obj.gif"> > > > > > > > > This used to work because images was a directory directly under > the > war > > > > directory, but now, the image has a path of <img src > > > > ="/do/images/find_obj.gif"> which isn't found. Simarly for > references > to > > > > CSS files and JS files. > > > > > > > > why is the /do/ prefix being added? > > > > > > > > > > > > Please could anyone tell me what I have to do to get my JS, CSS > and > > > images > > > > to load without changing every reference to them in every JSP to > > include > > > a > > > > /do/? > > > > > > > > Thanks > > > > > > > > Rob > > > > > > > > > > > > > > > > -- > > > > To unsubscribe, e-mail: < > > > mailto:[EMAIL PROTECTED]> > > > > For additional commands, e-mail: < > > > mailto:[EMAIL PROTECTED]> > > > > > > > > > > > > -- > > > To unsubscribe, e-mail: < > > > mailto:[EMAIL PROTECTED]> > > > For additional commands, e-mail: < > > > mailto:[EMAIL PROTECTED]> > > > > > > > > > > > > > > > > > > -- > > > To unsubscribe, e-mail: > > <mailto:[EMAIL PROTECTED]> > > > For additional commands, e-mail: > > <mailto:[EMAIL PROTECTED]> > > > > > > > > > -- > > To unsubscribe, e-mail: > > <mailto:[EMAIL PROTECTED]> > > For additional commands, e-mail: > > <mailto:[EMAIL PROTECTED]> > > > > > > -- > > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
