I want to restrict all of /*.jsp except a few jsp files that are used for logging on and such. I currently have a security-constraint doing this (restricting access to *.jsp) but of course I can't find any way of allowing the few jsps I want to publically allow.
Joel. ""Abraham Fathman"" <[EMAIL PROTECTED]> wrote in message news:<013c01c1f3ec$2bc49720$8a56e20a@pcg>... | Joel, | | Setup a <security-contraint> in the web.xml that includes the url that | you want to restrict. | | | -----Original Message----- | From: Joel Baker [mailto:[EMAIL PROTECTED]] | Sent: Saturday, May 04, 2002 10:24 PM | To: [EMAIL PROTECTED] | Subject: More complex security-constraint options | | | Hi all, | | I'm trying to create a web application that imposes a security | constraint on all but a few of the JSP pages. I don't want to split up | the application putting the non-public stuff in a private directory and | only applying the security-constraint to this, as this isn't as elegant | as the solution I would ideally like as I want the root of the webapp to | be the root for a logged in user, not for them to go to some directory | within the webapp. | | Basically, is there a way to refine the security constraints url-pattern | tag to allow excluding certain files or directories? | | Thanks in advance, | | Joel Baker. | | | -- | To unsubscribe: <mailto:[EMAIL PROTECTED]> | For additional commands: <mailto:[EMAIL PROTECTED]> | Troubles with the list: <mailto:[EMAIL PROTECTED]> | | -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
