Hi all :) I use Tomcat and Struts framework to build my web app.
I lay jsp document file at web app root.Such as cart and user. something like: /cart /user /WEB-INF/ .... When I run my web app, I could access /webapp/cart folder and /webapp/user folder from browser. All files in 2 folders above are listed. I don't know there's any solution to deny access to cart and user folder? Should I configure Tomcat, do something like with httpd.conf file of Apache. help me :( Thanks for ur reading, Pham
