DevGex Search

This paper examines the differences in how default servlets handle static content URL structures when deploying web applications across containers like Tomcat and Jetty. By analyzing the custom StaticServlet implementation from the best answer, it details a solution for serving static resources with support for HTTP features such as If-Modified-Since headers and Gzip compression. The article also discusses alternative approaches, including extension mapping strategies and request wrappers, providing complete code examples and implementation insights to help developers build reliable, dependency-free static content serving components.

This article provides an in-depth exploration of enabling Cross-Origin Resource Sharing (CORS) in Apache Tomcat servers, focusing on configuration through the CORS filter in the web.xml file. Based on Tomcat official documentation, it explains the basic concepts of CORS, configuration steps, common parameter settings, and includes code examples and debugging tips. Additional insights from other answers, such as Tomcat version requirements and path-finding methods, are referenced to ensure comprehensiveness and practicality. Ideal for Java developers handling cross-domain web services.

This article provides an in-depth exploration of various methods to access JSF managed beans by name in Servlet-related classes such as @WebServlet, @WebFilter, and @WebListener. It analyzes strategies for accessing beans with different scopes (request, session, application), compares traditional @ManagedBean with CDI @Named, and introduces expression evaluation techniques when FacesContext is available. The guide offers a complete solution set for developers, also discussing the distinction between HTML tags like <br> and character \n to ensure code accuracy and readability.

This article provides an in-depth exploration of cross-site scripting attack prevention in JSP/Servlet web applications. It begins by explaining the fundamental principles and risks of XSS attacks, then details best practices using JSTL's <c:out> tag and fn:escapeXml() function for HTML escaping. The article compares escaping strategies during request processing versus response processing, analyzing their respective advantages, disadvantages, and appropriate use cases. It further discusses input sanitization through whitelisting and HTML parsers when allowing specific HTML tags, briefly covers SQL injection prevention measures, and explores the alternative of migrating to the JSF framework with its built-in security mechanisms.

This technical paper provides an in-depth analysis of proper session attribute management in Java Web development. By comparing implementation differences between JSP scriptlets and Servlets, it thoroughly explains HttpSession acquisition mechanisms, distinctions between session and request scopes, and attribute lifecycle management. The article includes complete code examples and best practice guidelines to help developers avoid common 'session cannot be resolved' errors.

This article provides an in-depth exploration of the common IllegalStateException in Java Web development, particularly the 'Cannot forward after response has been committed' error. By analyzing Servlet response mechanisms, request forwarding principles, and common error scenarios, it offers comprehensive solutions and best practices. The content covers response commitment mechanisms, code control flow management, resource leak prevention, and other core concepts to help developers fundamentally understand and resolve such issues.

This article provides an in-depth technical comparison between JAR and WAR files in Java, examining their structural differences, intended purposes, and deployment mechanisms. JAR files serve as general-purpose archives for Java libraries and applications, while WAR files are specifically designed for web application deployment. Through detailed file structure examples and practical implementation scenarios, the article offers developers a clear understanding of when and how to use each packaging format effectively.

This article provides an in-depth analysis of the Spring Security filter chain working mechanism, detailing the execution order and functionality of key filters including SecurityContextPersistenceFilter and UsernamePasswordAuthenticationFilter. Through practical configuration examples, it demonstrates the auto-configuration process of form-login and focuses on JWT token authentication integration solutions, covering custom filter development, multi-authentication mechanism coexistence strategies, and SecurityContext persistence customization methods. The article includes complete code implementations and configuration examples, offering comprehensive guidance for security framework customization.

This paper delves into the root causes and solutions for garbled non-ASCII characters (e.g., German, French) when submitting forms using the multipart/form-data format. By analyzing character encoding mechanisms in Java Servlet environments and the use of Apache Commons FileUpload library, it explains how to correctly set request encoding, handle file upload fields, and provides methods for string conversion from ISO-8859-1 to UTF-8. The article also discusses the impact of HTML form attributes, Tomcat configuration, and JVM parameters on character encoding, offering a comprehensive guide for developers to troubleshoot and fix garbling issues.

This article delves into the core methods for configuring Cross-Origin Resource Sharing (CORS) in Tomcat containers, focusing on how to implement the Access-Control-Allow-Origin: * header using third-party CORS filters. Based on high-scoring Stack Overflow answers, it details configuration steps, common issues, and solutions, covering key technical aspects such as dependency management and web.xml parameter optimization. By comparing multiple answers, it provides a complete practical guide from basic setup to advanced customization, helping developers resolve CORS configuration challenges in Tomcat 6.0.6 and later versions.

This article provides a comprehensive guide to configuring UTF-8 encoding in Java web applications using servlets and JSP with Tomcat and MySQL. It covers server settings, custom filters, JSP encoding, HTML meta tags, database connections, and handling special characters in GET requests, ensuring support for international characters like Finnish and Cyrillic.

This article provides an in-depth exploration of implementing API key and secret authentication mechanisms in Spring Boot applications, specifically for scenarios requiring anonymous data access without user authentication. By analyzing the pre-authentication filter architecture of Spring Security, it details the creation of custom authentication filters, security policy configuration, and stateless session management. With practical code examples as the core, the article systematically explains the complete process from extracting API keys from request headers, implementing validation logic, to integrating security configurations, while comparing the advantages and disadvantages of different implementation approaches, offering developers extensible security solutions.

This article explores the challenge of preventing model attributes from being automatically encoded as URL query parameters during redirects in Spring MVC applications, particularly after form submissions. By analyzing the framework's default behavior and its potential security risks, it focuses on a temporary solution based on the SPR-6464 issue, which involves custom filters and view classes to control attribute exposure. The paper also compares alternative approaches, such as using RedirectView with exposeModelAttributes set to false and passing simple state flags via query parameters, providing comprehensive technical insights and best practices for developers.

This article explores technical solutions for implementing numeric input masks in web applications, focusing on validating inputs for SQL Server numeric(6,2) fields. By analyzing the limitations of the jQuery Masked Input plugin, it introduces the flexible configuration of the jQuery Numeric plugin, which supports programmable decimal places (2 or 3) and optional integer parts (0-999). The article provides a detailed comparison of regex-based and plugin-based approaches, complete code examples, and parameter explanations to help developers build robust data validation in JSP/Servlet environments.

This article provides an in-depth analysis of the default behavior and custom configuration methods for ServletContext resource loading in the Spring MVC framework. By examining the default search path /WEB-INF/applicationContext.xml used by ContextLoaderListener, it explores how to achieve flexible configuration through the contextConfigLocation parameter. The article combines Maven multi-module project structures to detail best practices for web.xml configuration, compares the advantages and disadvantages of different solutions, and offers comprehensive technical guidance for developers.

This technical paper provides an in-depth analysis of the common Maven build error 'web.xml is missing and <failOnMissingWebXml> is set to true' encountered when creating Web projects in Eclipse. By examining Maven's build mechanisms and the role of Web deployment descriptors, the paper presents two primary solutions: generating deployment descriptor stubs and modifying pom.xml configurations. The discussion covers technical principles, compares solution advantages, and offers best practice recommendations for developers.

This technical paper provides an in-depth analysis of Cross-Origin Resource Sharing (CORS) implementation in Spring Boot backend and AngularJS frontend architectures. Through detailed examination of common 401 unauthorized errors, the article explores proper CORS filter configuration, Spring Security integration, and frontend-backend coordination mechanisms. Based on best practices, it offers complete code examples and configuration guidelines to help developers resolve cross-domain authentication issues efficiently.

This article provides a comprehensive examination of the fundamental differences between WAR and EAR files in Java enterprise applications. WAR files are specifically designed for web modules containing Servlets, JSPs, and other web components, deployed in web containers. EAR files serve as complete enterprise application packages that can include multiple WAR, EJB-JAR, and other modules, requiring full Java EE application server support. Through detailed technical analysis and code examples, the article explores deployment scenarios, structural differences, and evolving trends in modern microservices architecture.

This paper examines the challenge of attribute loss when using request.setAttribute in JSP pages across multiple HTTP requests. It analyzes the lifecycle of HTTP requests to explain why attributes in the request object cannot persist after page loading. Based on best practices, the article systematically compares two solutions: using hidden form fields and session storage. Detailed technical implementation examples demonstrate how to set attributes in JSP and retrieve them in Servlets, while discussing trade-offs in security, maintainability, and performance. Practical recommendations are provided to help developers choose the most suitable attribute persistence strategy based on specific application needs.

This article provides an in-depth guide on configuring and using the PrimeFaces p:fileUpload component, addressing common issues such as listener methods not being invoked or UploadedFile being null. It covers universal configuration requirements, version-specific settings for different PrimeFaces versions, troubleshooting steps, and best practices for file saving, aiming to assist developers in efficiently implementing file upload functionality.