Sure: <security-constraint> <web-resource-collection> <web-resource-name>Private</web-resource-name> <url-pattern>/pdf/*</url-pattern> </web-resource-collection> <auth-constraint></auth-constraint> </security-constraint>
The empty <auth-constraint> element causes all client requests for the collected resources to be denied (it's still legal to perform forwards or includes, however). Quoting Nicolas De Loof <[EMAIL PROTECTED]>: > > > > Can't you just have the action that "fronts" the PDF servlet return a > forward > > that represents the path to that servlet? > > > > web.xml: > > > > <servlet-mapping> > > <servlet-name>pdfServlet</servlet-name> > > <url-pattern>/pdf</url-pattern> > > <servlet-mapping> > > > > You could also include a <security-constraint> element to ensure that > clients > > can't make direct requests to the PDF servlet. > > > > That was what I was thinking about, but I thought it would allow user to > get > direct request to pdf-servlet. I never used <security-constraint> (nobody's > perfect ;-)), could you give us an example please ? > > Nico. > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > -- Kris Schneider <mailto:[EMAIL PROTECTED]> D.O.Tech <http://www.dotech.com/> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>