Hello,
The Java Servlet Specification (Version 2.3, Draft 2) under SRV.12.2 states:
"The security model applies to the static content part of the web
application and to servlets within the application that are requested by the
client. The security model does not apply when a servlet uses the
RequestDispatcher to invoke a static resource or servlet using a forward()
or an include()."
Does this mean that using the MVC architecture with a Web controller as
described in the J2EE Blueprints precludes the use of this security model?
-Jerome
