This seem to be a authentication issue managed with Container Managed Authentication
<web-resource-collection> <web-resource-name>web</web-resource-name> <description>Require users to authenticate</description> <url-pattern>/xxx/*.jsp</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> CMA will popup your login page when a secure URL is accessed. Mohan -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 24, 2003 6:58 PM To: [EMAIL PROTECTED] Subject: security of html pages & max file size property Hi all, I have two questions: 1) I have a problem with the help menu of my application wich contains html pages. I would not like to access those pages without being log on, so I access them via a secure Action that just do a forward to the good page: <action path="/help/helpAction" type="com.bnpparibas.primeweb.web.help.HelpAction" name="helpForm" scope="request" validate="false"> <forward name="menu" path="/help/help.jsp"/> <forward name="banner" path="/help/help_banner.jsp"/> <forward name="mainFrame" path="/help/help_mainFrame.jsp"/> <forward name="home" path="/help/help_home.htm"/> <forward name="index" path="/help/help_index.jsp"/> <forward name="options" path="/help/help_options.htm"/> <forward name="report" path="/help/help_report.htm"/> </action> But I still can access the pages without being log on, just by writing the url in the browser. I have so done a filter to disable the user to access this page, but I would like to avoid this solution, I would prefier use Actions only. do you have any idea. 2) File Upload: whe the clien exceed the max upload file size, I would like to display a message via the message framework, which looks like this: maxLengthExceeded= Maximum file size exceeded ({0}) where {0} is the max size setting in struts-config.xml. But I did not find where I can take programaticly this information.... Thanks for your help. So this is Christmas And what have you done Another year over And a new one just begun.... This message and any attachments (the "message") is intended solely for the addressees and is confidential. If you receive this message in error, please delete it and immediately notify the sender. Any use not in accord with its purpose, any dissemination or disclosure, either whole or partial, is prohibited except formal approval. The internet can not guarantee the integrity of this message. BNP PARIBAS (and its subsidiaries) shall (will) not therefore be liable for the message if modified. --------------------------------------------- Ce message et toutes les pieces jointes (ci-apres le "message") sont etablis a l'intention exclusive de ses destinataires et sont confidentiels. Si vous recevez ce message par erreur, merci de le detruire et d'en avertir immediatement l'expediteur. Toute utilisation de ce message non conforme a sa destination, toute diffusion ou toute publication, totale ou partielle, est interdite, sauf autorisation expresse. L'internet ne permettant pas d'assurer l'integrite de ce message, BNP PARIBAS (et ses filiales) decline(nt) toute responsabilite au titre de ce message, dans l'hypothese ou il aurait ete modifie. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]