S
Stuart
Can't find a hard answer in the docs, so trying here:
When I do this:
web.xml
-------
<init-param>
<param-name>config</param-name>
<param-value>/WEB-INF/struts-config.xml</param-value>
</init-param>
<init-param>
<param-name>config/app2</param-name>
<param-value>/WEB-INF/struts-config-app2.xml</param-value>
</init-param>
Here are the actions:
1. ExampleAction in struts-config.xml
<action path="/exampleaction"
type="org.me.actions.ExampleAction"
scope="request"
validate="true">
<forward name="success" path="/WEB-INF/index.jsp"
redirect="false"/>
...
</action>
This is properly accessible at
http://box/servlet/exampleaction.do
The JSP is properly protected under /WEB-INF.
2. ExampleAction2 in struts-config-app2.xml
<action path="/exampleaction2"
type="org.me.actions.ExampleAction2"
scope="request"
validate="true">
<forward name="success" path="/WEB-INF/app2.jsp" redirect="false"/>
...
</action>
This is properly accessible at
http://box/servlet/app2/exampleaction.do
But I get an error that there is no JSP at this location:
/app2/WEB-INF/app2.jsp
So it is obvious that the module name is being prepended to the path
for the JSP -- and that is desirable. What is not is the broken JSP.
So, if I move app2.jsp out of the WEB-INF directory and into a
directory of the same name as my module, like this:
/WEB-INF/index.jsp (for exampleaction.do)
/app2/index.jsp (for exampleaction2.do)
....then things render properly. Great! Except...
My problem is I want my JSPs under app2 to _also_ be protected by
WEB-INF, ie. not available to the browser unless going through the
controller.
Anyone else dealing with this?
Has anyone found decent docs on the subject?
Workaround?
Thanks,
Stuart
When I do this:
web.xml
-------
<init-param>
<param-name>config</param-name>
<param-value>/WEB-INF/struts-config.xml</param-value>
</init-param>
<init-param>
<param-name>config/app2</param-name>
<param-value>/WEB-INF/struts-config-app2.xml</param-value>
</init-param>
Here are the actions:
1. ExampleAction in struts-config.xml
<action path="/exampleaction"
type="org.me.actions.ExampleAction"
scope="request"
validate="true">
<forward name="success" path="/WEB-INF/index.jsp"
redirect="false"/>
...
</action>
This is properly accessible at
http://box/servlet/exampleaction.do
The JSP is properly protected under /WEB-INF.
2. ExampleAction2 in struts-config-app2.xml
<action path="/exampleaction2"
type="org.me.actions.ExampleAction2"
scope="request"
validate="true">
<forward name="success" path="/WEB-INF/app2.jsp" redirect="false"/>
...
</action>
This is properly accessible at
http://box/servlet/app2/exampleaction.do
But I get an error that there is no JSP at this location:
/app2/WEB-INF/app2.jsp
So it is obvious that the module name is being prepended to the path
for the JSP -- and that is desirable. What is not is the broken JSP.
So, if I move app2.jsp out of the WEB-INF directory and into a
directory of the same name as my module, like this:
/WEB-INF/index.jsp (for exampleaction.do)
/app2/index.jsp (for exampleaction2.do)
....then things render properly. Great! Except...
My problem is I want my JSPs under app2 to _also_ be protected by
WEB-INF, ie. not available to the browser unless going through the
controller.
Anyone else dealing with this?
Has anyone found decent docs on the subject?
Workaround?
Thanks,
Stuart