<security-constraint>
<web-resource-collection>
<web-resource-name>SecureAllJSPs</web-resource-name>
<url-pattern>*.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>
No roles should be able to access a JSP directly. Everyone
must go through the controller servlet.
</description>
<role-name>nobody</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<description>
Nobody should be in this role so jsp files are protected
from direct access.
</description>
<role-name>nobody</role-name>
</security-role>
From: "Jonathan Hodges" <[EMAIL PROTECTED]> Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: Location of jsp files Date: Sat, 11 Jan 2003 09:31:24 -0600Hello, I was wondering what the best practice is for the location of my jsp files in my web application. I was thinking about placing them in the WEB-INF directory so they couldn't be reached without going through the ActionServlet. I guess I could accomplish the same thing with the right mapping the in the web.xml file as well. Any suggestions? Thanks in advance, Jonathan Hodges Infinity Insurance
_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
