I have noticed that the jsp files in an andromda generated application are directly accessible by the browser. In the past I have put my jsp's under WEB-INF forcing the user to go through a Struts action as a security precaution. When jsp precompilation is enabled the compiled pages appear to be located under WEB-INF but I can still access the page directly when entering the url to the page in the browser. Is there a way to protect the pages so that a user can't directly access them? _________________________________________________________ Reply to the post : http://galaxy.andromda.org/forum/viewtopic.php?p=943#943 Posting to http://forum.andromda.org/ is preferred over posting to the mailing list!
------------------------------------------------------- This SF.Net email is sponsored by: NEC IT Guy Games. How far can you shotput a projector? How fast can you ride your desk chair down the office luge track? If you want to score the big prize, get to know the little guy. Play to win an NEC 61" plasma display: http://www.necitguy.com/?r=20 _______________________________________________ Andromda-user mailing list Andromda-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/andromda-user
