Hi,
Under Tomcat i would keep my jsp's under an accessible directory and
use the security-constraint in web.xml : (something like)
...
<security-constraint>
<web-resource-collection>
<web-resource-name>protected jsp</web-resource-name>
<url-pattern>/jsp/*.jsp</url-pattern>
</web-resource-collection>
</security-constraint>
to prevent direct access to my jsp's files then forward to them from actions.
The added benefit is that we enforce the MVC model in that only the
controler can choose the next view.
Hope this helps.
Daoud AbdelMonem Faleh.
On 7/13/06, James Woodward <[EMAIL PROTECTED]> wrote:
I may be wrong but if all the jsp pages are in the WEB-INF directory and
you try to redirect to a .jsp file it's basically the same as loading it
directly. I think you have to use a forward to access it. You could
probably get around it if you created an action to specifically display
the jsp file and use a redirect to that action.
Keep in mind I'm no expert and could be completely wrong about this one.
James
Pankaj Gupta wrote:
> Hi All,
>
> I have specified redirect="true" in my action forwards but tomcat
> fails to find the jsp. I have kept all my jsp's in WEB-INF/jsp folder
> so as to avoid direct jsp access. Please suggest how can I make
> redirect to work.
>
> regards,
> Pankaj
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
