Yup. However, there is a possible trick (which I haven't tried) which is related to this. You could still set your welcome file to "index.do" (along with the security constraint for JSPs) if you just create a plain file named "index.do", whose contents are irrelevant. Apparently, the container starts to serve the plain file, but the servlet mapping handles it first. One of these days I should actually try that :) , to verify whether it works for me.
> -----Original Message----- > From: Chen, Gin [mailto:[EMAIL PROTECTED] > > Ahh.. Interesting.. But doesn't that stop the welcome-file too? > -Tim > > -----Original Message----- > From: Karr, David [mailto:[EMAIL PROTECTED] > > > -----Original Message----- > > From: Fenderbosch, Eric [mailto:[EMAIL PROTECTED] > > > > Is there a how-to on hiding JSPs in WEB-INF? I keep getting > > 404 errors after moving them there. I google'd the problem, > > but didn't really find a how-to, but did find a couple posts > > that say this might be impossible with WebLogic 6.1. Can > > anyone confirm or deny that? > > This is one of those aspects that BEA interpreted a little differently > than other vendors. The spec says (paraphrased) that you can't serve > content from the WEB-INF directory. BEA took that to mean even > "forward" references, but most other vendors allow that. > > The other strategy for protecting direct access to JSP urls, > is adding a > security constraint for all JSP pages, for the role "nobody". > That will > allow you to prevent direct URL references to JSP pages, but > still allow > forwards to them. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]