screws up everything?

Keith Chew Wed, 27 Feb 2002 14:11:32 -0800


No, that was not what I was looking for.


In Apache, you can use the Location tag to filter out http requests, eg:

  <Location /*.jsp>
    Deny from all
  </Location>

I want to filter out all JSPs including subfolders. Any thoughts?

I just read the documentation and it says you use LocationMatch and pass it
a regular expression, eg

   <LocationMatch "/(extra|special)/data">

would match URLs that contained the substring "/extra/data" or
"/special/data".

I want something like:

   <LocationMatch "/**/*.jsp">

Is this the correct format of a regular expression? I will give this a go...

Keith


-----Original Message-----
From: Matt Raible [mailto:[EMAIL PROTECTED]]
Sent: Thursday, 28 February 2002 11:16 a.m.
To: Struts Users Mailing List
Subject: RE: changing from *.do to /do/* screws up everything?


The *easiest" way to do this is to use a DefaultAction that can be used to
forward to JSPs, and actions-mappings for everything else.

Then protect /do/* request your JSPs with /do/name.jsp and it'll go through
DefaultAction (search this list for more info), and having your welcome as
/index.jsp (notice no /do/)

Is this what you're looking for?

Matt

--- Keith Chew <[EMAIL PROTECTED]> wrote:
>
> Yes, I have the question. For example, I want to block all JSPs includeing
> subfolders, eg
>
> /index.jsp
> /subfolder/1.jsp
>
> can I go something like **/*.jsp (similar to Ant)?
>
> Keith
>
>
> -----Original Message-----
> From: Dave J Dandeneau [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, 28 February 2002 10:59 a.m.
> To: Struts Users Mailing List
> Subject: RE: changing from *.do to /do/* screws up everything?
>
>
> Can url-patterns be when more complicated than *.jsp when restricting
access
> to pages. I have used *.jsp and *.do, but can you add more complex
> expressions? What syntax do you use when adding these? In example, what
> might be the syntax to restrict all pages but a login page? or maybe the
> index page? maybe something like ((*.jsp) && !(index.jsp))?
>
> Thanks,
> dave
>
> -----Original Message-----
> From: Robert [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, February 27, 2002 3:51 PM
> To: 'Struts Users Mailing List'
> Subject: RE: changing from *.do to /do/* screws up everything?
>
>
> Figures. Then I suppose you could have an index.jsp and deny all other
> .jsps... Or maybe have the index page do a redirect to the index.do.
> Maybe not as clean or elegant, but would work.
>
>
>
> -----Original Message-----
> From: Joco Guilherme Del Valle [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, February 27, 2002 2:44 PM
> To: Struts Users Mailing List
> Subject: Re: changing from *.do to /do/* screws up everything?
>
> I don4t know about the spec, but at least Tomcat *does not* accept this
> solution. I haven4t tried with a servlet, but an action doesn4t work.
> Maybe
> because the name of the tag in web.xml is welcome-file-list, it4s must
> be
> either a tag that accepts only files or a semantic problem in the spec.
>
>
>  Joao Guilherme Del Valle
>  [EMAIL PROTECTED]
>  Visionnaire Informatica SA
>  http://www.visionnaire.com.br
>  Tel/Fax: +55 41 373-7400 r: 221
>  Curitiba / PR / Brasil
> ----- Original Message -----
> From: "Robert" <[EMAIL PROTECTED]>
> To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]>
> Sent: Wednesday, February 27, 2002 5:36 PM
> Subject: RE: changing from *.do to /do/* screws up everything?
>
>
> > You could set up index.do as a 'welcome page'; but then it would
> depend
> > on if the server would try to load this as a 'page' or via a URL which
> > Struts would then pickup and handle.
> >
> > Not sure if that would work, but that's a though.
> >
> > Robert
> >
> > -----Original Message-----
> > From: Eddie Bush [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, February 27, 2002 2:26 PM
> > To: Struts Users Mailing List
> > Subject: Re: changing from *.do to /do/* screws up everything?
> >
> > Yes, but will that not demand that your index page be a HTML file
> rather
> > than JSP?  If you have an index page that has dynamic pieces as well
> as
> > static ones - or uses, say, templates (struts templates that is),
> you've
> > just shot yourself in the foot, haven't you?
> >
> > Additional Thoughts,
> >
> > Eddie
> >
> > ----- Original Message -----
> > From: "Keith Chew" <[EMAIL PROTECTED]>
> > To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
> > Sent: Wednesday, February 27, 2002 2:21 PM
> > Subject: RE: changing from *.do to /do/* screws up everything?
> >
> >
> > >
> > > An alternative to putting it in the WEB-INF is to use Apache to
> filter
> > the
> > > request, eg:
> > >
> > >   <Location /*.jsp>
> > >     Deny from all
> > >   </Location>
> > >
> > > This has the advantage of:
> > > - if you decide not to disallow JSPs, you can
> > > - when you are developing, it's often handy to view the JSPs without
> > going
> > > through the actions first (eg want to see if your table looks ok)
> > >
> > > Some thoughts
> > > Keith
> > >
> > > -----Original Message-----
> > > From: Eddie Bush [mailto:[EMAIL PROTECTED]]
> > > Sent: Thursday, 28 February 2002 7:44 a.m.
> > > To: Struts Users Mailing List
> > > Subject: Re: changing from *.do to /do/* screws up everything?
> > >
> > >
> > > Ok, silly question time.  Why would you want to put your pages under
> > > WEB-INF?  Honestly, I don't see why you would, but ... I'm hardly a
> > 'guru'.
> > >
> > > Thanks,
> > >
> > > Eddie
> > >
> > > ----- Original Message -----
> > > From: "Rob Breeds" <[EMAIL PROTECTED]>
> > > To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
> > > Sent: Wednesday, February 27, 2002 11:58 AM
> > > Subject: Re: changing from *.do to /do/* screws up everything?
> > >
> > >
> > > >
> > > > Thanks for suggestion but I can't use <html:base> because all my
> > JSPs
> > are
> > > > under WEB-INF\pages
> > > >
> > > > Putting <html:base/> in will cause images (and any relative urls)
> to
> > have
> > > > URLs of
> > > > <img src="WEB-INF/pages/images/find_obj.gif">
> > > >
> > > > which is even worse (doesn't work at all) and defeats the point of
> > putting
> > > > pages under WEB-INF!
> > > >
> > > >
> > > > Rob
> > > >
> > > >
> > > >
> > > >
> > > > |--------+------------------------->
> > > > |        |          Bryan          |
> > > > |        |          Field-Elliot   |
> > > > |        |          <bryan_lists@ne|
> > > > |        |          tmeme.org>     |
> > > > |        |                         |
> > > > |        |          27/02/2002     |
> > > > |        |          17:49          |
> > > > |        |          Please respond |
> > > > |        |          to "Struts     |
> > > > |        |          Users Mailing  |
> > > > |        |          List"          |
> > > > |        |                         |
> > > > |--------+------------------------->
> > > >
> > >
> >
> >-----------------------------------------------------------------------
> > ----
> > > --------------------------------------------|
> > > >   |
> > > |
> > > >   |      To:     Struts Users Mailing List
> > > <[EMAIL PROTECTED]>
> > > |
> > > >   |      cc:
> > > |
> > > >   |      Subject:     Re: changing from *.do to /do/* screws up
> > > everything?                                               |
> > > >   |
> > > |
> > > >   |
> > > |
> > > >
> > >
> >
> >-----------------------------------------------------------------------
> > ----
> > > --------------------------------------------|
> > > >
> > > >
> > > >
> > > >
> > > > Put this inside the <head> block of all your JSP pages:
> > > >
> > > > <html:base/>
> > > >
> > > > Here is a URL to the docs for this tag:
> > > >
> > > > http://jakarta.apache.org/struts/doc-1.0.2/struts-html.html#base
> > > >
> > > > It solves exactly this problem.
> > > >
> > > > Bryan
> > > >
> > > > On Wed, 2002-02-27 at 10:39, Rob Breeds wrote:
> > > > > Hi
> > > > >
> > > > > I hope this is me being dumb but I have a working Struts
> > application
> > > that
> > > > > uses a *.do servlet mapping for ActionServlet
> > > > >
> > > > > Because I found that the servlet spec doesn't allow partial URL
> > mappings
> > > > > for security (eg. I can't specify a url-mapping of '/pub*'), I
> > must
> > now
> > > > > change my app to use /do/*
> > > > >
> > > > > Seems like a fine idea, and Ted says its cool :)
> > > > >
> > > > > So, I changed the servlet mapping to '/do/*' and references to
> > '*.do'
> > in
> > > > my
> > > > > JSPs.
> > > > >
> > > > > Now my app sort of works but all relative links are now broken -
> > CSS,
> > > > > images, JavaScript files
> > > > >
> > > > > e.g. I have a URL of '<rest of path>/do/header' and this is
> > specified
> > in
> > > > > the config  file as:
> > > > >
> > > > >           <action path="/header"
> > forward="/WEB-INF/pages/header.jsp"/>
> > > > >
> > > > > The page loads OK but the JSP references images like this:
> > > > >
> > > > > <img src="images/find_obj.gif">
> > > > >
> > > > > This used to work because images was a directory directly under
> > the
> > war
> > > > > directory, but now, the image has a path of <img src
> > > > > ="/do/images/find_obj.gif"> which isn't found. Simarly for
> > references
> > to
> > > > > CSS files and JS files.
> > > > >
> > > > > why is the /do/ prefix being added?
> > > > >
> > > > >
> > > > > Please could anyone tell me what I have to do to get my JS, CSS
> > and
> > > > images
> > > > > to load without changing every reference  to them in every JSP
> to
> > > include
> > > > a
> > > > > /do/?
> > > > >
> > > > > Thanks
> > > > >
> > > > > Rob
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > To unsubscribe, e-mail:   <
> > > > mailto:[EMAIL PROTECTED]>
> > > > > For additional commands, e-mail: <
> > > > mailto:[EMAIL PROTECTED]>
> > > >
> > > >
> > > >
> > > > --
> > > > To unsubscribe, e-mail:   <
> > > > mailto:[EMAIL PROTECTED]>
> > > > For additional commands, e-mail: <
> > > > mailto:[EMAIL PROTECTED]>
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > --
> > > > To unsubscribe, e-mail:
> > > <mailto:[EMAIL PROTECTED]>
> > > > For additional commands, e-mail:
> > > <mailto:[EMAIL PROTECTED]>
> > > >
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:
> > > <mailto:[EMAIL PROTECTED]>
> > > For additional commands, e-mail:
> > > <mailto:[EMAIL PROTECTED]>
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:
> > <mailto:[EMAIL PROTECTED]>
> > > For additional commands, e-mail:
> > <mailto:[EMAIL PROTECTED]>
> > >
> >
> >
> > --
> > To unsubscribe, e-mail:
> > <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail:
> > <mailto:[EMAIL PROTECTED]>
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
>
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
>


__________________________________________________
Do You Yahoo!?
Yahoo! Greetings - Send FREE e-cards for every occasion!
http://greetings.yahoo.com

--
To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

RE: changing from *.do to /do/* screws up everything?

Reply via email to

RE: changing from .do to /do/ screws up everything?