7

In a simple Java web application, for example imagine you have a servlet TestServlet.java. In deployment description ( web.xml ) you can for example map the request coming to say /testpage to TestServlet so that when /testapplication/testpage is requested TestServlet handles the request. And you can for example write "Hello World" and send the response.

In directory structure ( the application that is deployed to the web server ), TestServlet.java will reside in:

webapps\testapplication\WEB-INF\classes\com\packagename\TestClass.java

which means there is no way to get to this file using the browser. ( Like entering a URL )

You can also get the request dispatcher and forward the request and response object to a JSP file like .getRequestDispatcher("/test.jsp"). But then the file will be in

webapps\testapplication\test.jsp

so connecting to http:\\server.com\test.jsp will also get this file.

I want to hide the file in WEB-INF folder so it can not be reached by the client except the mapping I have provided.

What is the appropriate way for doing this?

4

2 回答 2

10

我想将文件隐藏在 WEB-INF 文件夹中,这样客户端就无法访问它。

将 jsp 文件保存在WEB-INFexample -下(WEB-INF/jsp),这样默认情况下 Web Containers 不允许客户端直接访问 WEB-INF 文件夹下的资源,但RequestDispatcher可以访问它。

request.getRequestDispatcher("/WEB-INF/test.jsp").forward(request, response);
于 2013-11-07T18:38:00.917 回答
0

如果你使用的是jsf,你可以把这个文件放在WEB-INF文件夹中,并使用导航规则将请求映射到页面。但如果不是,您可以创建一个过滤器并使用该<url-pattern>属性将其映射到 url "/test.jsp" 并重定向到您想要的任何位置(如 WEB-INF 中的页面)。

于 2013-11-07T18:44:07.847 回答