I am completely new to jsp, but I was looking at this option as it seems to address my needs.
Basically, I am looking to have a jsp url hhtp://<webserver:8080>/index.jsp which would have a input variable box. The input to this should be passed as input to a shell script.
Appreciate your help!!
Girish Singh wrote:
Basically, I am looking to have a jsp url hhtp://<webserver:8080>/index.jsp which would have a input variable box. The input to this should be passed as input to a shell script.!
A really really bad idea. One should never give a user the opportunity to execute arbitrary, possibly malicious, code on your server.
What problem are you trying to solve?
Even so, this would not be the type of thing you would do from a JSP, but rather in a servlet that the JSP would submit to. But really, you do not want to open up this type of security hole.
But, in any case, and as I said, this is not something that you would do in a JSP, but rather a servlet (or Java class delegated by the servlet).
Girish Singh wrote:The shell script that i have explicitly does a certain function (which is not harmful).
All it needs is a input variable for the script.. and it is in the intranet and secure.
I would be interested to know what sort of input variable the script needs. Since it is being executed on the server it must relate to the server and must therefore have a very limited domain. Cannot you present the user with a list of possible values and get your user to select one. Your server can then check that the value provided is actually one from the list.
P.S. there are malicious people on an Intranet as well as on the Internet!