I mean denying access to JSPs by URL or some other means. Make JSPs private content.
El Lunes, 1 de julio de 2013 08:28:10 [email protected] escribió: > Protecting JSP in what way? > Though putting them under WEB-INF is a good approach > > But you need to provide more information about what kind of protection you > want to have Sent from BlackBerry® on Airtel > > -----Original Message----- > From: Antonio Sánchez <[email protected]> > Date: Mon, 01 Jul 2013 10:24:15 > To: <[email protected]> > Reply-To: "Struts Users Mailing List" <[email protected]> > Subject: Best practice for protecting JSPs > > I need to protect JSPs. Some options: > > 1. Put JSPs under WEB-INF and, optionally, use the conventions plugin. > > 2. Declare authorization constraints in web.xml. > > 3. Use some external tool, perhaps Spring Security. > > 4. Some other options. > > Which is the best practice in Struts2? > > Thanks. > > �� > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected]
