struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Weber <>
Subject Re: Module and pages Behind WEB-INF don't work...???
Date Thu, 29 Jul 2004 07:14:29 GMT
I don't have the exact fix you are looking for, but this (in web.xml) 
will prevent direct access to anything with a jsp extension:


Erik wrote:

> I want to do both "hide my JSPs behind WEB-INF" and use "Struts modules".
> and this does not work, I looked into the struts code. it does the 
> following
> If the path of ActionForward starts with "/", it obtains the module 
> prefix and prefixes this to the path so...
> If my path was say "/WEB-INF/pages/INY0010S.jsp" it becomes 
> "/iny/WEB-INF/pages/INY0010S.jsp"
> ( which is unwanted......I wanted..."/WEB-INF/pages/INY0010S.jsp" )
> but if the path of ActionForward does not start with "/", it leaves 
> the path as it is ( i.e. does not prefix the module-prefix)
> but then the requested URI becomes like this
> http://<ipaddress>:<port>/<web-context-root><ActionForward-path>
> instead of
> http://<ipaddress>:<port>/<web-context-root>/<ActionForward-path>
> so the problem is there is no slash - "/" before "<ActionForward-path>"
> so if my path was "WEB-INF/pages/INY0010S.jsp" it searches for 
> "http://<ipaddress>:<port>/<web-context-root>WEB-INF/pages/INY0010S.jsp"
> which gives error...Can anyone suggest the way out..?
> or does this require a fix ? only a Quick resolution of this will be 
> able help.
> Regards,
> Puneet Agarwal
> Tata Consultancy Services
> Mailto:
> Website:
>DISCLAIMER: The information contained in this message is intended only and solely for
the addressed individual or entity indicated in this message and for the exclusive use of
the said addressed individual or entity indicated in this message (or responsible for delivery
>of the message to such person) and may contain legally privileged and confidential information
belonging to Tata Consultancy Services. It must not be printed, read, copied, disclosed, forwarded,
distributed or used (in whatsoever manner) by any person other than the
>addressee. Unauthorized use, disclosure or copying is strictly prohibited and may constitute
unlawful act and can possibly attract legal action, civil and/or criminal. The contents of
this message need not necessarily reflect or endorse the views of Tata Consultancy Services
>on any subject matter. Any action taken or omitted to be taken based on this message is
entirely at your risk and neither the originator of this message nor Tata Consultancy Services
takes any responsibility or liability towards the same. Opinions, conclusions and any other
>information contained in this message that do not relate to the official business of Tata
Consultancy Services shall be understood as neither given nor endorsed by Tata Consultancy
Services or any affiliate of Tata Consultancy Services. If you have received this message
in error,
>you should destroy this message and may please notify the sender by e-mail. Thank you.
>To unsubscribe, e-mail:
>For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message