Java Reference
In-Depth Information
Notice the <servlet-mapping> tag. Because we like to feel as if we are clever,
we decided to depart from the standard .do extension to map requests to the
ActionServlet . Instead of the standard .do , we have gone with an .shtml . The
only reason for this is to jokingly make it look as if we are using an old technology.
Who knows—perhaps it will also deter a few people from trying to hack the site
(not likely).
When using Struts, it is important to prevent direct access to JSP pages. All JSP
pages that are used by JGameStore are placed under the pages directory. Since all
the JSP pages are under a directory, we can simply prevent direct access to that
directory (listing 14.2). This ensures that access to the JSP pages goes through the
Struts ActionServlet .
Listing 14.2
security configuration in web.xml
Restrict access to JSP pages
With no roles defined, no access granted
Having set up our web.xml , we can focus on creating the specific classes and con-
figurations for the Struts presentation layer. We'll go into some detail on taking
advantage of Struts' BeanAction approach.
14.6 Setting up the presentation
Because the catalog is the portion of the application that is used first by shopping
cart visitors, let's focus our efforts next on setting up the presentation portion that
supports it.
The first step
When a visitor arrives in JGameStore, they are greeted with an initial page. It is an
important rule in web applications that when using Struts you always forward
Search WWH ::

Custom Search