Hi C.F.,
There's actually a whole bunch of ways to accomplish this... this is
almost certainly not a complete list, but just off the top of my head...
(1) Place all your JSPs in WEB-INF. By definition, they can only be
reached by forwarding from something, be it a servlet or Struts Action,
on the server.
(2) Use container-managed security. I believe another poster mentioned
this already as I was typing this response :)
(3) Set some value in the request as an attribute in your Action, and
then check for it in the JSP. If it isn't there, forward to some "not
allowed" JSP.
(4) Use a filter that rejects any request for a JSP, forwarding to a
"not allowed" page.
Like I said, there are probably other choices too.
Frank
C.F. Scheidecker Antunes wrote:
Hello All,
I have an action that reads from the database and return a rowSet bean
to the request scope.
Then I iterate the bean on my JSP and show the data.
Everything works.
I however have a problem. I can access the JSP straight if I type the URL.
That is, I want the JSP only to be shown if it is called from the
action. I have a forward called "success" and
mapped to my struts-config.xml. On success I forward to the jsp
I would like to hide the JSP from the user, is it possible?
How?
Thanks,
C.F.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
.
--
Frank W. Zammetti
Founder and Chief Software Architect
Omnytex Technologies
http://www.omnytex.com
AIM: fzammetti
Yahoo: fzammetti
MSN: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]