Re: hiding jsp pages in WEB-INF on weblogic6.1

[David Graham]

Where in the servlet 2.3 spec does it say that? I could only find this:
"The WEB-INF node is not part of the public
document tree of the application. No file contained in the WEB-INF directory may
be served directly to a client by the container. However, the contents of the WEB-INF
directory are visible to servlet code using the getResource and
getResourceAsStream method calls on the ServletContext."

WLS just interpreted that statement differently than others. I would love to see this addressed in the spec though.

David

From: Eddie Bush <[EMAIL PROTECTED]>
Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
To: Struts Users Mailing List <[EMAIL PROTECTED]>
Subject: Re: hiding jsp pages in WEB-INF on weblogic6.1
Date: Tue, 19 Nov 2002 23:21:27 -0600

Setup that security-constraint that David Graham posted earlier. I hadn't thought about doing it that way before, but I have to say it's an ingenious though. Suddenly, <html:base/> has meaning again (or I suspect it will when I refactor using his tip). The "hide it under WEB-INF" trick is perfectly legal according to the servlet specification; unfortunately vendors don't always keep pace with or correctly comprehend - or perhaps fully implement - the specification.

I think WebLogic maybe didn't fully implement the spec. This is at least the second or third thing I've heard of that they geeked on :-/ (I don't use it so I don't keep super-close track of them).

[EMAIL PROTECTED] wrote:

I have hidden my jsp pages in a subdir of WEB-INF so that they are not
directly accessible from a browser request.

The only way to navigate to the pages is via a struts action, and this way
I can also check the user is logged on before we perform the action.

This works fine on tomcat4.0.1, but when I deploy the same war file on
weblogic6.1 sp3, any action request results in a 404 and it can't find the
files.

Before I spend time working out whats going wrong on weblogic, has anyone
else tried this on wls6.1 and got it to work?

Thanks in advance,
Kevin Hooke

--
Eddie Bush





--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail


--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>