• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Liutauras Vilda
  • Paul Clapham
Sheriffs:
  • paul wheaton
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Piet Souris
Bartenders:
  • Mike London

a conceptual problem with security in spring

 
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i programming a spring mvc project.
i want to people who see my web only can see page throw a controller=>view for example can't access a page by type localhost/web-inf/home.jsp that no touch controller and only can see home page by a controller way to view for example localhost/home
can you give me some suggerstion??

i will be realy greatfull for any help with spring mvc or spring security capabilities.
thanks
 
ranger
Posts: 17347
11
Mac IntelliJ IDE Spring
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
"localhost/web-inf/home.jsp"

JSP/Servlet spec blocks the WEB-INF directory from people being able to access it directly. So not something that Spring Security needs to do to stop that, it is already built into JSPs/Servlets spec.

Mark
 
sina poores
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
yes.you are right.i have a mistake in deployment that cause this problem.
thanks
 
reply
    Bookmark Topic Watch Topic
  • New Topic