I'm not trying to re-invent anything. I'm just trying to
leverage the specification to secure resources.
Personally I prefer WEB-INF to contain web application
configuration and information resources instead of content
and other non-configuration resources. IMHO, its intuitive that
way.
For anyone else that may even be remotely interested in this
topic, some further googling produced some interesting results.
I searched using the string:
"preventing direct access to .jsp files"
It appears that there is no standard way to do this even though
it's implied in the spec.
Here's a good example:
http://forums.bea.com/bea/message.jspa?messageID=202433201
Oh well...
/robert
> -----Original Message-----
> From: Hassan Schroeder [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, December 14, 2004 5:55 PM
> To: Tomcat Users List
> Subject: Re: [newbie] Container Managed Security - preventing direct
> access to .jsp
>
>
> Robert Taylor wrote:
>
> > Does this not imply that I can do what I am trying to do?
>
> I suppose; I'm just baffled why you want to reinvent this particular
> built-in wheel, but don't let that stop you :-)
>
> --
> Hassan Schroeder ----------------------------- [EMAIL PROTECTED]
> Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com
>
> dream. code.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
