• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Security issues with JSPs

 
Ranch Hand
Posts: 85
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
JSP gurus ,

I dont want to deploy JSP file out there on our client site . ( Mainly due to security but also due to performance ). I want the App server to use the precompiled class just like any other servlet class .

How do i do this ?

( I achieved this by using some global properties on my App server , but the moment i remove my JSPs , my application collapses as Welcome files lists are not working .)

Thanks
 
Sheriff
Posts: 10445
227
IntelliJ IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Here are some links which you might find helpful:

Improve performance of application using precompilation of JSPs

Precompile JSP using JSPC, through build
 
author and cow tipper
Posts: 5009
1
Hibernate Spring Tomcat Server
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'd like to know what your concerns are with JSP files. Seems like you're a little coy with components that the industry has wholeheartedly endorsed. Are you just worried about people seeing your scripts in your JSP?

Are you worried about clients downloading your JSP files from the war? You can certainly secure JSPs in the same manner you secure Servlets - just name them in the web.xml file and shove them behind the web-inf directory.

Tell us your fears - let us dispell them!
[ August 27, 2006: Message edited by: Bear Bibeault ]
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic