I have a problem where Tomcat is allowing a user, once logged in, to browse the directory structure and files on the server. How do I stop this from happening?
Process: The user follows the URL https://machine_name:8443/myapp/servlet/MyServlet. Logs in using the user name and password that will allow them access to the servlet the removes items off the URL up to myapp and then can browse the entire structure below that root on the tree. I need to confine them only to valid interaction between the servlets and the users. Robert S. Harper Senior Engineer 1100 East 6600 South, Suite 300 Salt Lake City, UT 84121-7411 801.265.8800 ex. 255
