You told tomcat to only allow post and get access to your jsp files. Uhh, that is about all you can possibly allow. What are you trying to do?
>>> [EMAIL PROTECTED] 11/17/2004 3:06:18 PM >>> Hi I want to secure all my jsp in my web application, I added following security constraint in my web.xml file, but some how seems it does not work <security-constraint> <web-resource-collection> <web-resource-name>Block Access to jsp files</web-resource-name> <description>This is to block access to all jsp files</description> <url-pattern>*.jsp</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> </security-constraint> what may be the reason??