struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lukasz Lenart <lukaszlen...@apache.org>
Subject Re: Url rewriting of .action to .jsp
Date Sun, 22 Sep 2013 16:56:52 GMT
You should never ever allow to access JSPs directly! Thus can be
potential security risk!

What you want to achieve are two actions:
- login-form.action to display login form
- login.action to submit login form to and perform validation/user login

Instead thinking about JSPs behind, think about actions.


Regards
-- 
Ɓukasz
+ 48 606 323 122 http://www.lenart.org.pl/

2013/9/22 Serdyn du Toit <dutoitns@gmail.com>:
> Hi,
>
> I have the following Struts action defined in Xml:
>     <package name="login" namespace="/admin/login" extends="default">
>         <default-interceptor-ref name="any" />
>
>         <action name="login"
> class="com.d6.adminweb.login.AdminUserLoginAction">
>             <result name="input">/admin/login/login.jsp</result>
>             <result name="success"
> type="redirect">/admin/dashboard/frames.jsp</result>
>         </action>
>     </package>
>
> When I submit the page and validation fails my browser has the following
> Url:
> http://localhost:8080/webapp/admin/login/login.action<http://localhost:8080/rf-adminweb/admin/login/login.action>
>
> How can I make it display
> http://localhost:8080/webapp/admin/login/login.j<http://localhost:8080/rf-adminweb/admin/login/login.action>
> sp
>
> If I never see .action in the browser I'd be happy :)
>
> I want it to be login.jsp so that someone can bookmark the page even after
> a failed form submission.  Sure, one can bookmark login.action - but then
> when you load the page you're going to see a lot of errors due to empty
> input fields (the Action's validation)
>
> Using a "redirect" worked for the second result type:
>             <result name="success"
> type="redirect">/admin/dashboard/frames.jsp</result>
>
> But in this case if I do that then my errors are no longer displayed on the
> page (guess it gets lost when I redirect)
>
> Any suggestions appreciated :)

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message