0

I have a Joomla (nginx + mysql) site running as UI and some JSP (tomcat + mysql) handling calculation logic.

I want to integrate JSP pages in to Joomla as iframe. I succeeded doing that, but the question is:

How do I make JSP pages NOT visitable to public but only visitable via Joomla site?

For example,

Joomla site is under mydomain.com/Joomla

JSP pages are under mydomain.com/JSP

When a user visit mydomain.com/JSP in the browser, the user cannot see the JSP page(see error or empty page instead).

But when the user open mydomain.com/Joomla in the browser and go to the page that contains the JSP site within an iframe, the user can see the JSP page there.

I am thinking about changing folder/file owner and permission. Am I on the right track? How should I approach exactly?

Thanks,

Milo

hoyomi
  • 277
  • 1
  • 6
  • 19

1 Answers1

1

You need to change the way you're currently workin on.

1) Use composent JUMI to create virtual Joomla component based on your scripts. 2) On each page add this code at the very beginning of each of your scripts:

<?php
defined( '_JEXEC' ) or die ('Restricted Access');
?>

It'll prevent users for loading directly your scripts without any active Joomla session.

Arnaud
  • 412
  • 6
  • 12