Only 44 hours left in the trailboss' kickstarter!

New rewards and stretch goals. CLICK HERE!



Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

a conceptual problem with security in spring  RSS feed

 
sina poores
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i programming a spring mvc project.
i want to people who see my web only can see page throw a controller=>view for example can't access a page by type localhost/web-inf/home.jsp that no touch controller and only can see home page by a controller way to view for example localhost/home
can you give me some suggerstion??

i will be realy greatfull for any help with spring mvc or spring security capabilities.
thanks
 
Mark Spritzler
ranger
Sheriff
Posts: 17309
11
IntelliJ IDE Mac Spring
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"localhost/web-inf/home.jsp"

JSP/Servlet spec blocks the WEB-INF directory from people being able to access it directly. So not something that Spring Security needs to do to stop that, it is already built into JSPs/Servlets spec.

Mark
 
sina poores
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yes.you are right.i have a mistake in deployment that cause this problem.
thanks
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!