<security-constraint>
<web-resource-collection>
<web-resource-name>SecureAllJSPs</web-resource-name>
<url-pattern>*.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>nobody</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<description>No one should be put in this role.</description>
<role-name>nobody</role-name>
</security-role>
David
From: "Colquhoun, Adrian" <[EMAIL PROTECTED]>
Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
Subject: Controlling Direct Access to jsp pages
Date: Mon, 13 Jan 2003 15:40:45 -0000
Hi
If I have three pages in my view layer that must be called in sequence e.g.
- step1.jsp then
- step2.jsp then
- step3.jsp
How do I ensure that my users do not call step2 and step3 directly via a
web browser. Do I need to use a custom tag in pages 2 and 3 to check this
or is there some way to force all requests for .jsp pages in my application
to route via the ActionServlet
Thanks
Adrian
=======================================================================
Information in this email and any attachments are confidential, and may
not be copied or used by anyone other than the addressee, nor disclosed
to any third party without our permission. There is no intention to
create any legally binding contract or other commitment through the use
of this email.
Experian Limited (registration number 653331).
Registered office: Talbot House, Talbot Street, Nottingham NG1 5HF
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
_________________________________________________________________
MSN 8 helps eliminate e-mail viruses. Get 2 months FREE* http://join.msn.com/?page=features/virus
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
