Steven Chou
Reputation: 2215
JSP filter the illegal url direct access
Has JSP filter setting can deny the direct URL access?
I means that accept all page links to another page, but when you're direct access the page, it's denied.
Like that when I entry to this page by previous page, it's allow:
edit.jsp?id=99
But I change the id
edit.jsp?id=100
it's illegal , because of direct access
I'm not using the framework struts2.Just simple JSP code.
thanks
Upvotes: 0
Views: 552
Answers (1)
Suresh Atta
Reputation: 122006
There is no way to stop an user to type that and hit.
Write a Servlet Filter and map all your jsp page which needs authentication, before processing the request.
There in the filter check weather user is authorized to view it or not.
http://docs.oracle.com/cd/E21764_01/web.1111/e13718/servlet.htm
Upvotes: 1
Related Questions
- Blocking direct URL access in JSF web application
- SpringFramework jsp set restricted urls JAVA
- how to disable direct access to pages from url for jsp pages
- How to disable processing of JSP URLs in Spring MVC?
- How do I prevent direct access of a jsp through a url?
- JSP deny direct access to URL by non-logged in user
- restrict url access in JSP
- How to restrict clients from accessing a webpage that contains parameters in the URL
- Using Filters to Restrict JSP Access?
- Mask urls in JSP