Hi,
Use <web-resource-collection>
<web-resource-name>
<url-pattern>
<auth-constraint>...
in web.xml. Is this something that you are looking for?
From: Katz Guy <[EMAIL PROTECTED]>
Reply-To: "A mailing list for discussion about Sun Microsystem's Java
Servlet API Technology." <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Protecting resources under request dispacher declarativally?
Date: Sun, 8 Feb 2004 14:13:38 +0200
Hi;
I am using an MVC framework and need to enforce security constarints on
JSPs
under a specific folder which is access through the framework navigation
handler.
My app structure:
/app/1.jsp
/app/protect/2.jsp //need to protect this
Its my understanding that the request dispatcher does not take into
consideration the security constraints. So if I put a constraint in the DD
on the 'protected' it will not do the trick. What is the thought behind
this?
Is there a way of doing this declaritavely?
What alternatives do I have(besides plain programatic)?
thanks
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
_________________________________________________________________
Keep up with high-tech trends here at "Hook'd on Technology."
http://special.msn.com/msnbc/hookedontech.armx
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
