H
harryos
hi
i wanted to prevent users from calling my servlets directly and wrote
a controller servlet which takes a request parameter and redirects to
the other servlets by means of a RequestDispatcher
I put the servlet mappings for the servlets inside a <security-
constraint> block .
<security-constraint>
<servlet-mapping>
<servlet-name>Weather</servlet-name>
<url-pattern>/weather</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Maps</servlet-name>
<url-pattern>/maps</url-pattern>
</servlet-mapping>
</security-constraint>
and the controller servlet is invoked by any url
<servlet-mapping>
<servlet-name>ControllerServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
In the Controller i used
RequestDispatcher dispatcher = null;
String param = request.getParameter("go");
if (param == null)
throw new ServletException("Missing parameter in Controller.");
else if (param.equals("weather"))
dispatcher = request.getRequestDispatcher("/weather");
else if (param.equals("maps"))
dispatcher = request.getRequestDispatcher("/maps");
if (dispatcher != null)
dispatcher.forward(request,response);
When i call http://localhost:8080/myapp/?go=weather it causes
java.lang.StackOverflowError..
The program works if i don't use the
<security-constraint> </security-constraint> block around the mapping
for the two servlets.But then anyone can call them by
http://localhost:8080/myapp/weather or http://localhost:8080/myapp/maps
...
can someone explain why i am getting this error?
i wanted to prevent users from calling my servlets directly and wrote
a controller servlet which takes a request parameter and redirects to
the other servlets by means of a RequestDispatcher
I put the servlet mappings for the servlets inside a <security-
constraint> block .
<security-constraint>
<servlet-mapping>
<servlet-name>Weather</servlet-name>
<url-pattern>/weather</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Maps</servlet-name>
<url-pattern>/maps</url-pattern>
</servlet-mapping>
</security-constraint>
and the controller servlet is invoked by any url
<servlet-mapping>
<servlet-name>ControllerServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
In the Controller i used
RequestDispatcher dispatcher = null;
String param = request.getParameter("go");
if (param == null)
throw new ServletException("Missing parameter in Controller.");
else if (param.equals("weather"))
dispatcher = request.getRequestDispatcher("/weather");
else if (param.equals("maps"))
dispatcher = request.getRequestDispatcher("/maps");
if (dispatcher != null)
dispatcher.forward(request,response);
When i call http://localhost:8080/myapp/?go=weather it causes
java.lang.StackOverflowError..
The program works if i don't use the
<security-constraint> </security-constraint> block around the mapping
for the two servlets.But then anyone can call them by
http://localhost:8080/myapp/weather or http://localhost:8080/myapp/maps
...
can someone explain why i am getting this error?