You should prohibit direct access to your jsp. This can be done by moving your
jsps under WEB-INF or declare a security constraint in web.xml.
Regards Jocke.
From: alexk...@gmail.com
Date: Wed, 13 Jul 2011 09:40:37 +0600a
To: stripes-users@lists.sourceforge.net
Subject: Re: [Stripes-users] Direct access to .jsp, no security manager
(stripesstuff security)
Hi,Why don't you use actionBean for that jsp, just create empty action bean and
you'll not have any problems:)
2011/7/13 T Akhayo <t.akh...@gmail.com>
Good evening,
I'm currently using the security interceptor from stripesstuff. It
works like a charm.
There is only one problem, when i access my .jsp pages directly (surf
to .jsp page) the "allowed" jsp tag always grant access.
When i go to a .action page (which forwards to the .jsp) everything works fine.
I turned debugging on and found out that when going directly to a .jsp
page the security interceptor doesn't insert the security manager in
the current request. When using the "allowed" tag the debug message
is:
"there is no security manager; allowing access"
Is there a way i can manually insert the security manager?
Please note that i am using my own j2eesecuritymanager.
Kind regards,
T. Akhayo
stripes-users@lists.sourceforge.net
------------------------------------------------------------------------------
AppSumo Presents a FREE Video for the SourceForge Community by Eric
Ries, the creator of the Lean Startup Methodology on "Lean Startup
Secrets Revealed." This video shows you how to validate your ideas,
optimize your ideas and identify your business strategy.
http://p.sf.net/sfu/appsumosfdev2dev
_______________________________________________
Stripes-users mailing list
Stripes-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/stripes-users
------------------------------------------------------------------------------
AppSumo Presents a FREE Video for the SourceForge Community by Eric
Ries, the creator of the Lean Startup Methodology on "Lean Startup
Secrets Revealed." This video shows you how to validate your ideas,
optimize your ideas and identify your business strategy.
http://p.sf.net/sfu/appsumosfdev2dev
_______________________________________________
Stripes-users mailing list
Stripes-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/stripes-users
------------------------------------------------------------------------------
AppSumo Presents a FREE Video for the SourceForge Community by Eric
Ries, the creator of the Lean Startup Methodology on "Lean Startup
Secrets Revealed." This video shows you how to validate your ideas,
optimize your ideas and identify your business strategy.
http://p.sf.net/sfu/appsumosfdev2dev
_______________________________________________
Stripes-users mailing list
Stripes-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/stripes-users
