Can you post the entire web descriptor? i don't see auth-constraint specified in the snippet. You need to apply authorization constraint to protect your pages/
Ashish Kulkarni <[EMAIL PROTECTED]> wrote:Hi I want to secure all my jsp in my web application, I added following security constraint in my web.xml file, but some how seems it does not work Block Access to jsp files This is to block access to all jsp files *.jsp POST GET what may be the reason?? Ashish ===== A$HI$H __________________________________ Do you Yahoo!? The all-new My Yahoo! - Get yours free! http://my.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------- Do you Yahoo!? Discover all that�s new in My Yahoo!
