I am trying to hide the JSP so they can only be accessed via a forward. I have been able to put them in a subdirectory of WEB-INF using other containers but have not been able to do that with Tomcat 5.5.
We are not using Struts but it is the same approach where our business logic is servlet/action based and we only use JSP for presentation. A common practice would be to put the JSP page in the root directory of the WAR like following: /HelloWorld.jsp /WEB-INF/web.xml /WEB-INF/classes/HelloWorld.class This would allow the user to access the JSP page through the servlet with http://localhost:8080/app/HelloWorld or directly with http://localhost:8080/app/HelloWorld.jsp. I want to use to only be able to access the JSP page through the servlet and the directory of the WAR would like the following: /WEB-INF/web.xml /WEB-INF/classes/HelloWorld.class /WEB-INF/jsp/HelloWorld.jsp The HelloWorld servlet would use the JSP for presentation by forwarding to it using code like the fllowing: RequestDispatcher dispatcher = request.getRequestDispatcher(" /WEB-INF/jsp/HelloWorld.jsp"); I get the following errors: 09:22:57,253 [[/app].log 636] INFO - Marking servlet org.apache.catalina.INVOKER.WEB-INF as unavailable 09:22:57,269 [[/app].log 665] ERROR - Error loading WebappClassLoader delegate: false repositories: /WEB-INF/classes/ ----------> Parent Classloader: [EMAIL PROTECTED] WEB-INF java.lang.ClassNotFoundException: WEB-INF at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1332) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1181) at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1027) at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:750) at org.apache.catalina.servlets.InvokerServlet.serveRequest(InvokerServlet.java:369) at org.apache.catalina.servlets.InvokerServlet.doGet(InvokerServlet.java:133) at javax.servlet.http.HttpServlet.service(HttpServlet.java:689) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672) at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:463) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301) .... 09:22:57,269 [[/app].log 665] ERROR - invoker: Cannot allocate servlet instance for path /app/WEB-INF/jsp/HelloWorld.jsp javax.servlet.ServletException: Wrapper cannot find servlet class WEB-INF or a class it depends on at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1035) at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:750) at org.apache.catalina.servlets.InvokerServlet.serveRequest(InvokerServlet.java:369) at org.apache.catalina.servlets.InvokerServlet.doGet(InvokerServlet.java:133) at javax.servlet.http.HttpServlet.service(HttpServlet.java:689) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672) at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:463) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301) ... Most of the discussions I have read are either old or pertaining to securing them via authentication/authorization but I do not want a user to be able to enter a URL containing a JSP page under any conditions. Any suggestions on how I can hide my JSP pages? Thanks, Wes.
