 | Mailing List | | Home | | Forum Home | | JBoss - Java Application Server | | Struts - A MVC web framework | | Tomcat - JSP/Servlet container | | iText - An open source PDF Java Library | | JDOM - JDOM XML Parser | | J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition | | J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog | | Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology | | JSP - A mailing list about Java Server Pages specification and reference | |
Struts & Hibernate
|
|
|
| | | Protecting resources under request dispacher declarativally? | Protecting resources under request dispacher declarativally? 2004-02-08 - By Katz Guy
Back
Hi;
I am using an MVC framework and need to enforce security constarints on JSPs
under a specific folder which is access through the framework navigation
handler.
My app structure:
/app/1.jsp
/app/protect/2.jsp //need to protect this
Its my understanding that the request dispatcher does not take into
consideration the security constraints. So if I put a constraint in the DD
on the 'protected' it will not do the trick. What is the thought behind
this?
Is there a way of doing this declaritavely?
What alternatives do I have(besides plain programatic)?
thanks
__ ____ ____ ____ ____ ____ ____ ____ ____ ____ ____ ____ ____ ____ ____ __
To unsubscribe, send email to listserv@(protected) and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2655.35">
<TITLE>Protecting resources under request dispacher declarativally?</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2 FACE="Arial">Hi;</FONT>
<BR><FONT SIZE=2 FACE="Arial">I am using an MVC framework and need to enforce
security constarints on JSPs under a specific folder which is access through
the framework navigation handler.</FONT></P>
<P><FONT SIZE=2 FACE="Arial">My app structure:</FONT>
<BR> <FONT SIZE=2 FACE="Arial">/app/1
.jsp</FONT>
<BR> <FONT SIZE=2 FACE="Arial">/app
/protect/2.jsp //need to protect this</FONT>
<BR><FONT SIZE=2 FACE="Arial">Its my understanding that the request dispatcher
does not take into consideration the security constraints. So if I put a
constraint in the DD on the 'protected' it will not do the trick. What is the
thought behind this?</FONT></P>
<P><FONT SIZE=2 FACE="Arial">Is there a way of doing this declaritavely?</FONT>
<BR><FONT SIZE=2 FACE="Arial">What alternatives do I have(besides plain
programatic)?</FONT>
<BR><FONT SIZE=2 FACE="Arial">thanks</FONT>
</P>
<BR>
</BODY>
</HTML>
__ ____ ____ ____ ____ ____ ____ ____ ____ ____ ____ ____ ____ ____ ____ __
To unsubscribe, send email to listserv@(protected) and include in the body
of the message "signoff SERVLET-INTEREST".
<p>
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
<p>
|
|
|
