R
Robert Watkins
Okay, so we're upgrading to Tomcat 6, and we've encountered a difficulty.
In order to keep URLs consistent (for simpler log parsing and for
cosmetic reasons) the idea is to have a servlet as the controller and a
JSP for the display, but only ever to have the servlet URL visible to the
user. As such:
servlet: /path/servlet
jsp: /path/page.jsp
The main access is through the servlet, and at the appropriate moment the
user is forwarded to the JSP, using:
RequestDispatcher dispatcher =
request.getRequestDispatcher("/path/page.jsp");
dispatcher.forward(request, response);
Using Tomcat 5.0, I was able, in the JSP, to use (nothing really hard
coded):
if (request.getRequestURL().toString().indexOf("page.jsp") != -1) {
response.sendRedirect("/path/servlet");
return;
}
.... because the request URL was that of the servlet from which the
forward was called. In Tomcat 6, however, the request URL is that of the
forward target.
Reading the API, it looks as if this should have been the behaviour all
along, but that's moot. The question is: How can I prevent direct access
to the JSP in another way?
Cheers,
-- Robert
In order to keep URLs consistent (for simpler log parsing and for
cosmetic reasons) the idea is to have a servlet as the controller and a
JSP for the display, but only ever to have the servlet URL visible to the
user. As such:
servlet: /path/servlet
jsp: /path/page.jsp
The main access is through the servlet, and at the appropriate moment the
user is forwarded to the JSP, using:
RequestDispatcher dispatcher =
request.getRequestDispatcher("/path/page.jsp");
dispatcher.forward(request, response);
Using Tomcat 5.0, I was able, in the JSP, to use (nothing really hard
coded):
if (request.getRequestURL().toString().indexOf("page.jsp") != -1) {
response.sendRedirect("/path/servlet");
return;
}
.... because the request URL was that of the servlet from which the
forward was called. In Tomcat 6, however, the request URL is that of the
forward target.
Reading the API, it looks as if this should have been the behaviour all
along, but that's moot. The question is: How can I prevent direct access
to the JSP in another way?
Cheers,
-- Robert