2013/7/1 Antonio Sánchez <juntandolin...@gmail.com>: > I need to protect JSPs. Some options: > > 1. Put JSPs under WEB-INF and, optionally, use the conventions plugin. > > 2. Declare authorization constraints in web.xml.
These two options are the best to avoid direct access to JSPs - not all containers block access to resources in WEB-INF and fake auth constraints will sole that problem and it's an ultimate solution. Regards -- Łukasz + 48 606 323 122 http://www.lenart.org.pl/ --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
