The URL below, the first content in the chosen answer describes JSP hiding.
http://stackoverflow.com/questions/2523430/hidden-features-of-jsp-servlet/2525995#2525995
I so far understand that I can put jsp files under /WEB-INF directory. So that it prevents a user from direct access like http://test.com/WEB-INF/register.jsp (return 404)
I thought I understand but not and wants to describe better so I'm opening up the question here.
I have, say, 2 jsp files like below.
webapps/ROOT/home.jsp
webapps/ROOT/WEB-INF/register.jsp
NOTE: /go_register is mapped to the servlet class Register in web.xml (DD)
home.jsp
<html>
<body>
<a href="/go_register">Go to register.jsp</a>
<body>
</html>
register.jsp
<html>
<body>
<form method="post" action="/process_register">
<input type="submit">
</form>
<body>
</html>
So.. since register.jsp resides under /WEB-INF/, only RequestDispatcher can access to it. That means I need to create servlet for forwarding the request.
public class Register extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String address = "/WEB-INF/register.jsp";
request.getRequestDispatcher(address).forward(request, response);
}
}
But this looks not right. If I want to add login page /WEB-INF/login.jsp to home.jsp, in order to access to the login.jsp, I have to create another servlet just for going to the login page purpose???
public class Login extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String address = "/WEB-INF/login.jsp";
request.getRequestDispatcher(address).forward(request, response);
}
}
I think I am using the technique in the wrong way. Could anyone explain how to use this jsp hiding?