On 10 Aug 2002, Alexander Wallace wrote:
> Date: 10 Aug 2002 12:17:03 +0100
> From: Alexander Wallace <[EMAIL PROTECTED]>
> Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> To: Tomcat Users List <[EMAIL PROTECTED]>
> Subject: Re: Problems with <url-pattern>*
>
> What I need to be able to do is to make sure, that every request, for
> any page has enought rights to view the page and use it, So i thought of
> using a servlet as a controller. If I understand correctly what you
> talked about in this and your previous post, using the servlet mapping
> to "/" will not work at some point.
>
> I'm not that experienced yet in these matters, could you ilustrate to me
> a bit why this won't cut it?
>
Using a *servlet* for your purpose (checking access rights) will not work
at all -- see my previous post for why you should use a Filter instead.
The problem with the "/" mapping in particular is that this mapping is
assigned, by default, to a servlet that serves static content. So, when
you make a request to a URL like:
http://localhost:8080/myapp/index.html
you generally won't have a servlet mapped to this -- and Tomcat assigns it
to the default file-serving servlet, which serves the "/index.html" static
resource from your web application for you.
If you map a servlet to "/", you have just *replaced* the standard
processing, because Tomcat will map the request to your servlet instead of
the standard one. Now, let's assume that the user has the rights they
need to access that resource and you want to let them have it. What
should your rights-checking servlet do?
That's right ... you're stuck. There is no way to ask Tomcat to serve the
resource, because there is no longer any mapping for the default
file-serving servlet.
The answer is to use a Filter instead, because a Filter can examine a
request *before* it is given to a servlet, and either intercept it (not
enough access rights) or pass it on (access rights are fine).
Do some google searches on "servlet filter" and you will find pointers to
some articles about how they work.
> Thank you!
Craig
>
> On Sat, 2002-08-10 at 00:40, Craig R. McClanahan wrote:
> >
> >
> > On Fri, 9 Aug 2002, Todd Kaplinger wrote:
> >
> > > Date: Fri, 09 Aug 2002 17:43:36 -0400
> > > From: Todd Kaplinger <[EMAIL PROTECTED]>
> > > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>,
> > > [EMAIL PROTECTED]
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: Problems with <url-pattern>*
> > >
> > > define a servlet mapping of just "/". this is the default servlet mapping.
> >
> > That's still not going to work for what the proposed use case was --
> > because you've just disabled the default file-serving servlet that serves
> > static content.
> >
> > Craig
> >
> >
> > --
> > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> >
>
>
>
> --
> To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
