Java Jetty自动加载JSP支持,如何关闭?
在我的日志中,我在Jetty启动时看到以下内容:Java Jetty自动加载JSP支持,如何关闭?,java,web-applications,spring-mvc,jetty,Java,Web Applications,Spring Mvc,Jetty,在我的日志中,我在Jetty启动时看到以下内容: +-WebAppContext@560c3014@560c3014/,file:/C:/MyProjects/ProxyServer/PrepayProxyWebsiteJetty/webapps/root/,webapps/root started +-{org.apache.catalina.jsp_classpath=C:\MyProjects\ProxyServer\PrepayProxyWebsiteJetty\webapps
+-WebAppContext@560c3014@560c3014/,file:/C:/MyProjects/ProxyServer/PrepayProxyWebsiteJetty/webapps/root/,webapps/root started
+-{org.apache.catalina.jsp_classpath=C:\MyProjects\ProxyServer\PrepayProxyWebsiteJetty\webapps\root\WEB-INF\classes, javax.servlet.context.tempdir=C:\Users\davidparks21\AppData\Local\Temp\jetty-0.0.0.0-80-root-_-any-}
+-{org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher=WebApplicationContext for namespace 'dispatcher-servlet': startup date [Tue Nov 09 14:38:47 ICT 2010]; parent: Root WebApplicationContext, org.springframework.web.context.support.ServletContextScope=org.springframework.web.context.support.ServletContextScope@3ab6f7f5, org.springframework.web.context.WebApplicationContext.ROOT=Root WebApplicationContext: startup date [Tue Nov 09 14:38:46 ICT 2010]; root of context hierarchy}
+-SessionHandler@6f7918f0 started
+-ConstraintSecurityHandler@47f08ed8 started
+-[]
+-/={TRACE={RoleInfo,F,C[]}}
+-ServletHandler@77546dbc started
+-[/*]/[]==0=>springSecurityFilterChain{}
+-[/]=>default{resourceCache=resourceCache, maxCacheSize=256000000, dirAllowed=true, gzip=true, maxCachedFileSize=10000000, redirectWelcome=false, acceptRanges=true, welcomeServlets=false, aliases=false, useFileMappedBuffer=true, maxCachedFiles=2048}
+-[*.jsp, *.jspf, *.jspx, *.xsp, *.JSP, *.JSPF, *.JSPX, *.XSP]=>jsp{logVerbosityLevel=DEBUG, fork=false, com.sun.appserv.jsp.classpath=<list_removed>, xpoweredBy=false, scratchdir=C:\Users\davidparks21\AppData\Local\Temp\jetty-0.0.0.0-80-root-_-any-\jsp}
+-[/]=>dispatcher{}
+-WebAppContext@560c3014@560c3014/,文件:/C:/MyProjects/ProxyServer/preadwardproxywebsitejetty/webapps/root/,webapps/root已启动
+-{org.apache.catalina.jsp_classpath=C:\MyProjects\ProxyServer\preadwardproxywebsitejetty\webapps\root\WEB-INF\classes,javax.servlet.context.tempdir=C:\Users\davidparks21\AppData\Local\Temp\jetty-0.0.0-80-root-\u0-any-}
+-{org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher=WebApplicationContext,用于命名空间“dispatcher servlet”:启动日期[星期二11月9日14:38:47];父:根WebApplicationContext,org.springframework.web.context.support.ServletContextScope=org.springframework.web.context.support。ServletContextScope@3ab6f7f5,org.springframework.web.context.WebApplicationContext.ROOT=根WebApplicationContext:启动日期[Tue Nov 09 14:38:46 ICT 2010];上下文层次结构的根}
+-SessionHandler@6f7918f0起动
+-ConstraintSecurityHandler@47f08ed8起动
+-[]
+-/={TRACE={RoleInfo,F,C[]}
+-ServletHandler@77546dbc起动
+-[/*]/[]==0=>springSecurityFilterChain{}
+-[/]=>默认值{resourceCache=resourceCache,maxCacheSize=256000000,dirAllowed=true,gzip=true,maxCachedFileSize=10000000,redirectWelcome=false,acceptRanges=true,welcomeServlets=false,Alias=false,useFileMappedBuffer=true,MaxCachedFile=2048}
+-[*.jsp、*.jspf、*.jspx、*.xsp、*.jsp、*.jspf、*.jspx、*.xsp]=>jsp{logverpositylevel=DEBUG,fork=false,com.sun.appserv.jsp.classpath=,xpoweredBy=false,scratchdir=C:\Users\davidparks21\AppData\Local\Temp\jetty-0.0.0-80-root-\uuany-\jsp}
+-[/]=>调度程序{}
在我的webapps web.xml中,我定义了springSecurityFilterChain()和dispatcher(),但没有定义default和jsp
看来JSP支持在默认情况下是打开的,这不应该,我使用的是velocity。有没有办法禁用此功能
我还看到有一个默认值dirAllowed=true,这让我很紧张,它不应该存在吗
My web.xml:
<?xml version="1.0" encoding="utf-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<!-- ~~~~~~~~~~~~~~~ SPRING DISPATCHER SERVLET ~~~~~~~~~~~~~~~ -->
<!-- Allows Spring to handle all web requests -->
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- ~~~~~~~~~~~~~~~ SPRING SECURITY HOOK ~~~~~~~~~~~~~~~ -->
<!-- All web requests go through security validation -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- ~~~~~~~~~~~~~~~ BEAN SCOPES FOR WEB ~~~~~~~~~~~~~~~ -->
<!-- Adds support for scoping beans as: 'request', 'session', and 'global session' -->
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
</web-app>
调度员
org.springframework.web.servlet.DispatcherServlet
1.
调度员
/
springSecurityFilterChain
org.springframework.web.filter.DelegatingFilterProxy
springSecurityFilterChain
/*
org.springframework.web.context.ContextLoaderListener
org.springframework.web.context.request.RequestContextListener
在Jetty 7.1.2中,如果lib/JSP中的类位于Jetty的类路径中,则JSP支持将打开,否则将关闭。start.jar的OPTIONS=jsp参数只是控制它们在类路径中的存在
另一个禁用JSP支持的选项来自。本质上,每个部署的web应用的默认描述符都包含一个JSP/Servlet映射。如果不需要JSP,则通过将setDefaultsDescriptor
设置为null
来禁用给定上下文中的JSP。例如:
WebAppContext wac = new WebAppContext();
wac.setDefaultsDescriptor( null );
有关详细信息,请参见。这是Jetty 7.2.0。我只是注意到一个看起来很奇怪的日志文件,它似乎暗示JSP支持已经启动,但我并没有真正尝试让它工作。我没有任何jsp或jsp文件夹,我确信在您下载的jetty分发目录中有一个lib/jsp目录,除非您手动删除它。