Hi,
Pham Anh Tuan wrote:
Hi all :)
I use Tomcat and Struts framework to build my web app.
I lay jsp document file at web app root.Such as cart and user.
something like:
/cart
/user
/WEB-INF/
....
When I run my web app, I could access /webapp/cart folder and /webapp/user
folder from browser. All files in 2 folders above are listed.
I don't know there's any solution to deny access to cart and user folder?
Should I configure Tomcat, do something like with httpd.conf file of Apache.
help me :(
I don't know if it's acceptable for you but you could put the resources
that shouldn't be accessed directly from a browser in WEB-INF.
The servlet specs guarantees that the resources under WEB-INF cannot be
accessed directly.
You will be able to forward to these resources, so that's how you can
return the protected resources to the browser.
Tamas
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
