In each sensitive JSP page include a link to a JSP that logs in the user
or redirects them to introduction for your web app. Huh?
<jsp:include page="forcelogin.jsp" />
<jsp:include page="forceintro.jsp" />
--
Peter Pilgrim
G.O.A.T
"The Greatest of All Time"
---------------------------------------- Message History
----------------------------------------
From: Olov Andersson <[EMAIL PROTECTED]>@java.sun.com> on 24/11/2000 14:37 CET
Please respond to "A mailing list for discussion about Sun Microsystem's Java Servlet
API Technology." <[EMAIL PROTECTED]>
DELEGATED - Sent by: "A mailing list for discussion about Sun Microsystem's Java
Servlet API Technology."@java.sun.com>
To: [EMAIL PROTECTED]
cc:
Subject: Prevent users from bypassing a Controller servlet?
Hi,
Does anyone know how to prevent direct access to jsp-pages in
a MVC-style webbapplication. That is, how do I force all
requests to be directed to the Controller servlet even if
the user tries to access a jsp-page (or servlet) directly.
If I map all requests in a webb-app to the Controller, it
won't be able to forward requests, because the forwarded
request will only get directed back to the Controller,
resulting in an infinite loop...
--CUT-DOWN--
--
This e-mail may contain confidential and/or privileged information. If you are not the
intended recipient (or have received this e-mail in error) please notify the sender
immediately and destroy this e-mail. Any unauthorised copying, disclosure or
distribution of the material in this e-mail is strictly forbidden.
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
