Problems with servlet-mapping to redirect some JSPs...

Hello,

I wanted to redirect all requests for any JSP (*.jsp) under "folderB" to a jsp file under "folderA". So I added the following in my web.xml.

...
<servlet>
<servlet-name>Test</servlet-name>
<jsp-file>/folderA/test.jsp</jsp-file>
</servlet>
...
<servlet-mapping>
<servlet-name>Test</servlet-name>
<url-pattern>/folderB/*.jsp</url-pattern>
</servlet-mapping>
...


But I got the exception below when Tomcat/5.0.25 was starting with the settings. As far as I know, the setting should work....

...
java.lang.IllegalArgumentException: Invalid <url-pattern> /folderB/*.jsp in servlet mapping
at org.apache.commons.digester.Digester.createSAXException(Digester.java:2540)
at org.apache.commons.digester.Digester.createSAXException(Digester.java:2566)
...

If I remove the <servlet-mapping> part, the engine starts fine.

Does anyone know how I can solve the problem?
Thank you for your time.

luke

[ July 06, 2004: Message edited by: Yunseuk Kim ]
[ July 06, 2004: Message edited by: Yunseuk Kim ]

<servlet-mapping> <servlet-name>Test</servlet-name> <url-pattern>/folderB/*.jsp</url-pattern> </servlet-mapping>

Use following mapping

<servlet-mapping>
<servlet-name>Test</servlet-name>
<url-pattern>/folderB/test.jsp</url-pattern>
</servlet-mapping>

you can give anything instead of test in above code. This will work

Thanks.

But you seem to make the scope of redirection narrow down.

I want all the jsp files (*.jsp) under "folderB" to be redirected at the deployment descriptor level, as I originally mentioned like below.


Goal
--------------------
/folderB/*.jsp --> /folderA/test.jsp


My web.xml
--------------------
...
<servlet>
<servlet-name>Test</servlet-name>
<jsp-file>/folderA/test.jsp</jsp-file>
</servlet>
...
<servlet-mapping>
<servlet-name>Test</servlet-name>
<url-pattern>/folderB/*.jsp</url-pattern>
</servlet-mapping>
...

I have the same problem I just want to set up a security realm that blocks access to jsp files but not to images,stylesheets, etc...

java.lang.IllegalArgumentException: Invalid <url-pattern> /*.jsp in security constraint

I don't know why that wouldn't work. Perhaps you can achieve the same goal by mapping the url to a filter, and have the filter forward the request to your jsp page. Put something like this in your web.xml:

<filter>
<filter-name>TestFilter</filter-name>
<filter-class>TestFilter</filter-class>
</filter>
...
<filter-mapping>
<filter-name>TestFilter</filter-name>
<url-pattern>/folderB/*.jsp</url-pattern>
</filter-mapping>


And in the doFilter method of TestFilter, forward the request to the jsp page in folerA by calling request.getRequestDispatcher("/folderA/test.jsp").forward(request, response);

But I haven't tried it so I don't know if that actually works...

Hi Yunseuk,
I wonder if what you want is possible just by adding,servlet..and servlet-mapping tags.

Cause after digging into web.xml of conf/web.xml and myapps/WEB-INF/web.xml I could understand the following.

You have an entry in conf/web.xml as
<servlet> <servlet-name>jsp</servlet-name> <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class> <init-param> <param-name>logVerbosityLevel</param-name> <param-value>WARNING</param-value> </init-param> <load-on-startup>3</load-on-startup> </servlet> <servlet-mapping> <servlet-name>jsp</servlet-name> <url-pattern>*.jsp</url-pattern> </servlet-mapping>

Which is sensible, as your jsp is not executed by server, its an servlet, converted of this jsp who plays role of execution, so obviously you need some one to take charge of calling this translated servlet when .jps page is requested, and this some one is org.apache.jasper.servlet.JspServlet.

Now if we try to comment this mapping then every *.jsp page request will be considered as FTP request, and sever will simply display this jsp file source code) with out executing it.

No if we add following mapping in mywebapps/WEB-INF/web.xml..

<servlet> <servlet-name>TestJSP</servlet-name> <servlet-class>/folderA/MY.jsp</servlet-class> </servlet> <servlet-mapping> <servlet-name>TestJSP</servlet-name> <url-pattern>/FolderB/*.jsp</url-pattern> </servlet-mapping>

SO i guess this entry should overwrite (take precedence over) the entry in conf/web.xml which says every request ending with *.jsp must be handled by org.apache.jasper.servlet.JspServlet..this sounds cool..but if this happens then server will pass following entry /FolderB/Test.jsp to folderA/MY.jsp

and will try to find a Servletcalled MY.jsp....resulting in 404 Error..., Servlet /folderA/my.jsp not found...

I don't know if I'm 100 % correct so waiting eagerly for experts comment ...
Kindly put your thoughts

Cheers
-Praful
[ July 26, 2004: Message edited by: Praful Thakare ]

We had the same problem with a jsp-property-group url-pattern, and I did some searches on google on this topic (that's how I ended up in here for example)

Most clear result I found was:

http://www.mail-archive.com/tomcat-dev@jakarta.apache.org/msg43676.html

Where it says that mapping /somepath/*.something worked in a version of tomcat, but is removed since it does not comply with the Servlet specification.

This is what the servlet specification (2.4) allows:

A string beginning with a / character and ending with a /* suffix is used for path mapping.

A string beginning with a *. prefix is used as an extension mapping.

A string containing only the / character indicates the "default" servlet of the application. In this case the servlet path is the request URI minus the context path and the path info is null.

All other strings are used for exact matches only.

So what you (and we) are trying to do, cannot be done according to the Servlet 2.4 specification.

I just want to set up a security realm that blocks access to jsp files

If all you are trying to do is to make the JSP's innaccesbile (a good idea in any Model 2 web app), the easiest way to accomplish this is to put them in a folder structure under WEB-INF/.

The servlet container cannot directly serve anything under WEB-INF, but can be accessed from code within your app via forwards and includes.