Solved

JSP but no Servlet allowed - possible?

Posted on 2011-02-25
19
314 Views
Last Modified: 2012-05-11
Hello,

I have a small shared hosting plan and I am able to run JSP pages without any problem.  I'd like to add some Java Servlets but I was told that this isn't possible on my share host for security reasons.

Am I missing something or aren't JSP pages 'compiled' to servlets themselves?  Does this possibly make sense.  Obviously I'm relatively new to JSP and Java servlets but this seems strange to me.

Is there anyway I could test this for myself on my accounts? (ie. test if servlets do infact work)

Note:  Apache tomcat 5.5 (I believe)

Aslo, one of the reasons I'm asking is becasue I'm not sure the support group was confident in their answer.  The security claim seemed to be a brush off as I told them I was just setting this up for testing purposes.


Thanks

M
0
Comment
Question by:mac-will
  • 9
  • 8
  • 2
19 Comments
 
LVL 9

Expert Comment

by:rawinnlnx9
ID: 34981726
Go here and read the second question about Java Servlet Technology: (How does the Java Server Page Technology Work)

Full Discussion:
http://java.sun.com/products/jsp/faq.html

JSP Compiled to Servlets:
http://java.sun.com/products/jsp/faq.html#2
0
 
LVL 9

Expert Comment

by:rawinnlnx9
ID: 34981741
These are the latest Oracle Web Servers that support servlets. I'm sure there are others as well.

http://java.sun.com/products/jsp/industry.html
0
 
LVL 8

Author Comment

by:mac-will
ID: 34981863
Thank you.  However these resources are precisely why I am asking the question.

Since JSP pages are compiled to servlets why would servlets not be allowed?  Please read my full post for details.
0
 
LVL 27

Expert Comment

by:rrz
ID: 34981867
>I have a small shared hosting plan  
Where ?  
What are able to do there ? Can you upload war file for your web app ? Can you edit your web app's web.xml file ?
>I'd like to add some Java Servlets  
What function do you want them to have ? JSP can do  anything that regular Servlets can do.
0
 
LVL 8

Author Comment

by:mac-will
ID: 34981900
Where?
On a paid server somewhere in the US.  It's a Linux server running Apache Tomcat.

What are able to do there ? Can you upload war file for your web app ? Can you edit your web app's web.xml file ?

I can ftp to the server transfer any file (including war files if needed).  I have access to an ssh jailshell.
I do not have access to the apache webapp folder directly.


I'm just experimenting with JSP and I'd like to test some of the MVC frameworks.
0
 
LVL 27

Expert Comment

by:rrz
ID: 34981964
>On a paid server somewhere in the US.  
Do they have a website that we could browse ?
0
 
LVL 8

Author Comment

by:mac-will
ID: 34981993
Is this important to answer the question?

www.coolhandle.com
0
 
LVL 27

Expert Comment

by:rrz
ID: 34982199
>Is this important to answer the question?  
I just wanted to see your environment.
I think the problem is that you don't have your own Tomcat instance. Correct me if I am wrong. Can you start and stop Tomcat whenever you want ?  
0
 
LVL 8

Author Comment

by:mac-will
ID: 34982220
no I can not.
So this kind of limits me in terms of a full MVC java app I guess?
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 8

Author Comment

by:mac-will
ID: 34982244
I guess I was looking for some .htaccess redirect magic where I could set up a full java servlet app locally.  or something like this. (I've been experimenting with Perl Catlyst as well)
0
 
LVL 27

Expert Comment

by:rrz
ID: 34982323
>So this kind of limits me in terms of a full MVC java app I guess?  
Yes I think so.
Do you have your own web.xml for your own web app ?
Your web.xml file is where you would map your controller Servlet(for something like Struts or Spring).
0
 
LVL 27

Expert Comment

by:rrz
ID: 34982348
How much a month do you want to spend ?
For $20/month you can the basic plan at  something like  
http://rimuhosting.com
0
 
LVL 8

Author Comment

by:mac-will
ID: 34982430
I don't think so but I may be looking in the wrong spot.

Where would this be located?
0
 
LVL 8

Author Comment

by:mac-will
ID: 34982453
Ya, I'm thinking of moving to a VPS but right now this is for non work 'hobby' testing so I'll have to see.

Do you like that hosting provider?
The coolhandle one I'm using seems to have a better base VPS package.
0
 
LVL 27

Expert Comment

by:rrz
ID: 34982616
I do think RimuHosting is excellent. I used to have an account there.
Now, I have a free account at  Google App Engine.   I recommend  them too. The GAE runs Jetty. You can use Servlets with them. Give it a try, it is free for a starting account.  I am sure if there is a waiting period these days.
http://code.google.com/appengine/docs/whatisgoogleappengine.html  
http://code.google.com/appengine/
0
 
LVL 27

Expert Comment

by:rrz
ID: 34982625
I meant
I am not  sure if there is a waiting period these days.
0
 
LVL 8

Author Comment

by:mac-will
ID: 34982711
So just to close up this question.  Is the statement that servlets pose a greater security risk than JSP pages valid?
0
 
LVL 27

Accepted Solution

by:
rrz earned 500 total points
ID: 34982981
>Is the statement that servlets pose a greater security risk than JSP pages valid?
Servlets(in anything less than Servlet 3.0 API) need to be mapped in your web app's web.xml file. If you don't have a private web app with a private web.xml file then it would not be possible to have private Servlets.  
I presume that coolhandle uses some sort of filter to keep you separate from other accounts. I guess that you browse with something like  ?
 http://www.coolhandle.com/yourAccountName/yourPage.jsp
0
 
LVL 8

Author Comment

by:mac-will
ID: 34983147
Yes this is correct except the www.coolhandle.com/myaccount is mapped to www.mydomain.com

so I just go www.mydomain.com/mypage.jsp and this works fine.

Thanks for you help.

Cheers,

Mac
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now