RE: tomcat Webapp security.

> From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Subject: Re: tomcat Webapp security. > > Ugh. What about re-mapping the jsp-servlet to only process > things in a subdir? Might work, but I haven't looked at the code to see if the JspServlet can handle the prefix

Re: tomcat Webapp security.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, Caldarale, Charles R wrote: >> From: Christopher Schultz [mailto:[EMAIL PROTECTED] >> Subject: Re: tomcat Webapp security. >> >> >> jsp >> *.jsp >> >> >>

Re: tomcat Webapp security.

wrote: > From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Subject: Re: tomcat Webapp security. > > > jsp > *.jsp > > > jsp > *.jspx > > (Not sure why this mapping is in there twice, but whatever...) They ar

RE: tomcat Webapp security.

> From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Subject: Re: tomcat Webapp security. > > > jsp > *.jsp > > > jsp > *.jspx > > (Not sure why this mapping is in there twice, but whatever...) They are

Re: tomcat Webapp security.

Thanks. I'll look it up. :) - Original Message From: Christopher Schultz <[EMAIL PROTECTED]> To: Tomcat Users List Sent: Tuesday, January 23, 2007 1:11:58 PM Subject: Re: tomcat Webapp security. -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sachin, Sachin Patel wrote:

Re: tomcat Webapp security.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sachin, Sachin Patel wrote: >> Another option is to place your uploaded files in a particular >> subdirectory and then configure the JSP servlet to ignore that >> directory. Or probably more appropriately, configure that directory >> to serve everyt

Re: tomcat Webapp security.

>Another option is to place your uploaded files in a particular >subdirectory and then configure the JSP servlet to ignore that >directory. Or probably more appropriately, configure that directory to >serve everything through the generic servlet that just does static content. This is exectly what

Re: tomcat Webapp security.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David and Sachin, David Smith wrote: > The best method I can think of is to store the jsp in a directory > outside your tomcat and outside your webapp. Then configure the path to > the storage in either the context.xml or web.xml for your webapp and

Re: tomcat Webapp security.

The best method I can think of is to store the jsp in a directory outside your tomcat and outside your webapp. Then configure the path to the storage in either the context.xml or web.xml for your webapp and use a ServletContextListener to load up an application scope attribute with the path. Last

tomcat Webapp security.

I have a web application and a functionality to be able to upload files to one of the folders inside it and be able to access it using direct link URL. now I am wondering if someone uploads .jsp file, how would I stop tomcat from compiling and running that file when someone requests that same fi