tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Haynes" <>
Subject Re: Hiding a jsp file from public access?
Date Wed, 28 Feb 2001 08:43:53 GMT

I'm using exactly the same architecture and have Apache up front, so
I'm planning to put my jsps in a sub-dir JSP of their own and then use
<Location "/JSP/">
    AllowOverride none
    deny from all
in my Apache Virtual Host definition
. . . but I have not got that far yet, so can't say that it works.

Haven't seen a tomcat-only way of doing this.

Chris Haynes

----- Original Message -----
From: "Ben Flaumenhaft" <>
To: <>
Sent: Wednesday, February 28, 2001 12:28 AM
Subject: Hiding a jsp file from public access?

> Folks,
> Is there anything in Tomcat or in the .war file specification to
> non-forwarded access to a JSP? Where's the appropriate place to do
> I'm using the MVC, or so-called model 2 approach, where a servlet
> and then forwards to a JSP. Users should NOT be able to ask for the
> only the servlet (because the servlet needs to prepare context,
> security, etc.). What's the correct way?
> Thanks,
> Ben Flaumenhaft
> Principal, Sidelight Consulting
> --------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, email:

View raw message