如何防止Jetty中的目录列表?

时间:2017-04-07 17:58:35

标签: java spring hibernate jetty

基本上我有这个jetty服务器在我的本地运行。但我无法访问我的index.jsp文件I see like that

这是我的web.xml文件,你看我使用Apache CXF,还使用Spring,Hibernate和Jetty 

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
                             http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
         version="3.1">  

    <context-param>

        <param-name>contextConfigLocation</param-name>
        <param-value>classpath:applicationContext.xml,classpath:Spring-Security.xml</param-value>
    </context-param>

    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <!-- Spring Security Start -->
    <listener>
        <listener-class>
            org.springframework.web.context.request.RequestContextListener
        </listener-class>
    </listener>

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy
        </filter-class>
    </filter>
    <!-- Projenin ana url'inden itibaren spring security aktif ediliyor -->
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
    <!-- Spring Security End -->
    <servlet>
        <servlet-name>CXFServlet</servlet-name>
        <servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>

        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>CXFServlet</servlet-name>
        <url-pattern>/*</url-pattern>
    </servlet-mapping>

</web-app>

我该如何解决它。我在哪里做错了?

1 个答案:

答案 0 :(得分:3)

这已在少数地方得到解答on StackOverflow。您只需要在默认servlet上将dirAllowed参数设置为false。这可以在servlet描述符的WEB-INF/web.xml中完成,也可以通过提供修改后的etc/webdefault.xml文件(例如,通过Jetty中的deploy模块)在任何上下文之前加载。

在任一文件中,这看起来都像:

<servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.eclipse.jetty.servlet.DefaultServlet</servlet-class>
    ....
    <init-param>
        <param-name>dirAllowed</param-name>
        <param-value>false</param-value>
    </init-param>
    ....
</servlet>

作为用户Eng.Fouad points out,这也可以定义为上下文参数:

<context-param>
    <param-name>org.eclipse.jetty.servlet.Default.dirAllowed</param-name>
    <param-value>false</param-value>
</context-param>
相关问题
最新问题