Java Jetty自动加载JSP支持，如何关闭？

在我的日志中，我在Jetty启动时看到以下内容：

 +-WebAppContext@560c3014@560c3014/,file:/C:/MyProjects/ProxyServer/PrepayProxyWebsiteJetty/webapps/root/,webapps/root started
    +-{org.apache.catalina.jsp_classpath=C:\MyProjects\ProxyServer\PrepayProxyWebsiteJetty\webapps\root\WEB-INF\classes, javax.servlet.context.tempdir=C:\Users\davidparks21\AppData\Local\Temp\jetty-0.0.0.0-80-root-_-any-}
    +-{org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher=WebApplicationContext for namespace 'dispatcher-servlet': startup date [Tue Nov 09 14:38:47 ICT 2010]; parent: Root WebApplicationContext, org.springframework.web.context.support.ServletContextScope=org.springframework.web.context.support.ServletContextScope@3ab6f7f5, org.springframework.web.context.WebApplicationContext.ROOT=Root WebApplicationContext: startup date [Tue Nov 09 14:38:46 ICT 2010]; root of context hierarchy}
    +-SessionHandler@6f7918f0 started
       +-ConstraintSecurityHandler@47f08ed8 started
          +-[]
          +-/={TRACE={RoleInfo,F,C[]}}
          +-ServletHandler@77546dbc started
             +-[/*]/[]==0=>springSecurityFilterChain{}
             +-[/]=>default{resourceCache=resourceCache, maxCacheSize=256000000, dirAllowed=true, gzip=true, maxCachedFileSize=10000000, redirectWelcome=false, acceptRanges=true, welcomeServlets=false, aliases=false, useFileMappedBuffer=true, maxCachedFiles=2048}
             +-[*.jsp, *.jspf, *.jspx, *.xsp, *.JSP, *.JSPF, *.JSPX, *.XSP]=>jsp{logVerbosityLevel=DEBUG, fork=false, com.sun.appserv.jsp.classpath=<list_removed>, xpoweredBy=false, scratchdir=C:\Users\davidparks21\AppData\Local\Temp\jetty-0.0.0.0-80-root-_-any-\jsp}
             +-[/]=>dispatcher{}

+-WebAppContext@560c3014@560c3014/，文件：/C:/MyProjects/ProxyServer/preadwardproxywebsitejetty/webapps/root/，webapps/root已启动
+-{org.apache.catalina.jsp_classpath=C:\MyProjects\ProxyServer\preadwardproxywebsitejetty\webapps\root\WEB-INF\classes，javax.servlet.context.tempdir=C:\Users\davidparks21\AppData\Local\Temp\jetty-0.0.0-80-root-\u0-any-}
+-{org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher=WebApplicationContext，用于命名空间“dispatcher servlet”：启动日期[星期二11月9日14:38:47]；父：根WebApplicationContext，org.springframework.web.context.support.ServletContextScope=org.springframework.web.context.support。ServletContextScope@3ab6f7f5，org.springframework.web.context.WebApplicationContext.ROOT=根WebApplicationContext:启动日期[Tue Nov 09 14:38:46 ICT 2010]；上下文层次结构的根}
+-SessionHandler@6f7918f0起动
+-ConstraintSecurityHandler@47f08ed8起动
+-[]
+-/={TRACE={RoleInfo，F，C[]}
+-ServletHandler@77546dbc起动
+-[/*]/[]==0=>springSecurityFilterChain{}
+-[/]=>默认值{resourceCache=resourceCache，maxCacheSize=256000000，dirAllowed=true，gzip=true，maxCachedFileSize=10000000，redirectWelcome=false，acceptRanges=true，welcomeServlets=false，Alias=false，useFileMappedBuffer=true，MaxCachedFile=2048}
+-[*.jsp、*.jspf、*.jspx、*.xsp、*.jsp、*.jspf、*.jspx、*.xsp]=>jsp{logverpositylevel=DEBUG，fork=false，com.sun.appserv.jsp.classpath=，xpoweredBy=false，scratchdir=C:\Users\davidparks21\AppData\Local\Temp\jetty-0.0.0-80-root-\uuany-\jsp}
+-[/]=>调度程序{}

在我的webapps web.xml中，我定义了springSecurityFilterChain（）和dispatcher（），但没有定义default和jsp

看来JSP支持在默认情况下是打开的，这不应该，我使用的是velocity。有没有办法禁用此功能

我还看到有一个默认值dirAllowed=true，这让我很紧张，它不应该存在吗

My web.xml：

<?xml version="1.0" encoding="utf-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xmlns="http://java.sun.com/xml/ns/javaee"
         xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
                             http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">

    <!-- ~~~~~~~~~~~~~~~ SPRING DISPATCHER SERVLET ~~~~~~~~~~~~~~~ -->
    <!-- Allows Spring to handle all web requests -->
    <servlet>
        <servlet-name>dispatcher</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>dispatcher</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

    <!-- ~~~~~~~~~~~~~~~ SPRING SECURITY HOOK ~~~~~~~~~~~~~~~ -->
    <!-- All web requests go through security validation -->
    <filter>
      <filter-name>springSecurityFilterChain</filter-name>
      <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
      <filter-name>springSecurityFilterChain</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>

    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <!-- ~~~~~~~~~~~~~~~ BEAN SCOPES FOR WEB ~~~~~~~~~~~~~~~ -->
    <!-- Adds support for scoping beans as: 'request', 'session', and 'global session' -->
    <listener>
        <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
    </listener>

</web-app>

调度员
org.springframework.web.servlet.DispatcherServlet
1.
调度员
/
springSecurityFilterChain
org.springframework.web.filter.DelegatingFilterProxy
springSecurityFilterChain
/*
org.springframework.web.context.ContextLoaderListener
org.springframework.web.context.request.RequestContextListener

在Jetty 7.1.2中，如果lib/JSP中的类位于Jetty的类路径中，则JSP支持将打开，否则将关闭。start.jar的OPTIONS=jsp参数只是控制它们在类路径中的存在

另一个禁用JSP支持的选项来自。本质上，每个部署的web应用的默认描述符都包含一个JSP/Servlet映射。如果不需要JSP，则通过将

setDefaultsDescriptor

设置为

null

来禁用给定上下文中的JSP。例如：

WebAppContext wac = new WebAppContext();
wac.setDefaultsDescriptor( null ); 

---

有关详细信息，请参见。

这是Jetty 7.2.0。我只是注意到一个看起来很奇怪的日志文件，它似乎暗示JSP支持已经启动，但我并没有真正尝试让它工作。我没有任何jsp或jsp文件夹，我确信在您下载的jetty分发目录中有一个lib/jsp目录，除非您手动删除它。