Reputation: 786
I am doing a web application using servlets and jsps. I had a index.html
Now i need to avoid direct access of my login page from browser
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Login App using Servlet and JSP</title>
</head>
<body bgcolor="pink">
<center>
<a href="Register.jsp">Register</a>
<a href="Login.jsp" >Login</a>
</center>
</body>
</html>
Now I want to prevent direct access of Login.jsp from the browser
http://localhost:9090/LoginAppWithServletsJSPJDBC/Login.jsp
By googling I came to know that I need to use <security-constraint>
for this.
Please help me .How can I achieve this.
Upvotes: 0
Views: 2585
Reputation: 46871
Simply move Login.jsp
under WEB-INF
that can't be accessed directly from the outside world.
Only application can access it whenever needed using RequestDispatcher
.
Sample code:
// put this logic anywhere in your application whenever needed to show Login.jsp
request.getRequestDispatcher("WEB-INF/Login.jsp").forward(request, response);
Please have a look at What is WEB-INF used for in a Java web application?
Upvotes: 3