• Post Reply Bookmark Topic Watch Topic
  • New Topic

Protecting direct access to JSP pages

 
Reema Patel
Ranch Hand
Posts: 169
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello All,
I'm new to JSF framework.
One of the strange things I noticed about JSF is that while I try to access the JSP pages directly (with .jsp extension) I get a NullPointerException. It works as expected when I access the JSP pages with .faces extension. Whay is that so?

I read somewhere that this can be countered by using the security-constraint tag in web.xml file.

Thanks,
Reema
 
Paul Speijers
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Reema,

When you access your JSF pages using the .jsp extension your files get interpreted as JSP pages. Therefore, you get a nullpointer exception because the JSF elements are not recognized.

You probably have the following servlet definition and mapping in your WEB-INF/web.xml:

<!-- Faces Servlet -->
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<!-- Faces Servlet Mapping -->
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>

This means that when an URL is encountered which ends with .faces, it is being handled by the Faces Servlet, which interprets the corresponding .jsp file as being a JSF file. Therefore, that does work.

Good luck!
 
Reema Patel
Ranch Hand
Posts: 169
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Paul said:
........you get a nullpointer exception because the JSF elements are not recognized.

This sounds apt. But, I do have the taglib definitions at the top of each JSP view. I believe everything inside the JSP page has to to with h and f tag libraries.


--Reema
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!