J�rgen, Put the JSP under the WEB-INF directory. Once there, it will only be accessible from within your web application.
-Richard -----Original Message----- From: J�rgen Scheffler [mailto:[EMAIL PROTECTED] Sent: Thursday, January 15, 2004 8:15 AM To: [EMAIL PROTECTED] Subject: JSP Protection Hi, how do i block URL guessing? if someone requests abc.com/secret_page.jsp he gets it. In my Action i check if the user object has the right rights for this action and then i forward him. But if guesses the jsp, he opens it. Help me! J�rgen --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
