Hi;
I am using an MVC framework and need to enforce security constarints on JSPs under a specific folder which is access through the framework navigation handler.
My app structure:
/app/1.jsp
/app/protect/2.jsp //need to protect this
Its my understanding that the request dispatcher does not take into consideration the security constraints. So if I put a constraint in the DD on the 'protected' it will not do the trick. What is the thought behind this?
Is there a way of doing this declaritavely?
What alternatives do I have(besides plain programatic)?
thanks
___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
