security for jsp's

Hi,

I just started learning JSP. I am writing a simple JSP which has a form and asks the user for a username and password, the username and password are pre-defined in a hashmap. I was wondering, are people able to download the JSP file on my server and see the whole source code of it? If they are how can i prevent people from downloading a JSP file off my server and not allowing them to look at the code.

I have noticed that when you run a JSP page through a browser (e.g. IE) and click on view - source it shows just the HTML markup rather than the Java. This is great. But are people able to download the JSP file and view its full source (including the java scriptlets, directives and expressions)?
LVL 18
Ravi SinghSenior Software EngineerAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
KuldeepchaturvediConnect With a Mentor Commented:
no if you have directory listing off on your server....
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.