> I tried putting the below string in web.xml, but all my css, js from the > application got blocked. But pages are coming. Is something missing or some > extra thing to be done? > > <security-constraint> > <display-name>Prevent access to raw pages.</display-name> > <web-resource-collection> > <web-resource-name>Raw Pages</web-resource-name> > <url-pattern>/struts/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <description>No roles, so no direct access</description> > </auth-constraint> > </security-constraint> > > > > Regards, > --------------------------------------------------------- > Girish Naik >
The way this security constraint works is it prevents direct access to the area defined by the <url-pattern>/struts/*</url-pattern> elements (you can have multiple). In this case we put our jsp files under /struts/ folder. You can name the folder whatever you like but only put jsp files in it. You need to put your css and js file someplace else. Our typical layout for webroot is: / css/ images/ js/ struts/ WEB-INF/
