Actually they should be protected by the /**/*.html*=admin,user as long as
you access them with a .html ..depending onm which webframework you are
using you should create some mapping to your files(in struts
..struts-config...in jsf faces-config) when you build your war file the JSP
inside the pages directory(in the source) files will exist inside the
WEB-INF folder and this folder is not accesible by a browser(hence the need
to map the file ) so you could just add a subfolder to the pages and they
would be secured from direct acces even without any entries in the
security.xml. If you however want to acces the files directly in the address
field of the browser without going through an action, then just add
<property name="objectDefinitionSource">
<value>
PATTERN_TYPE_APACHE_ANT
/yourfolder/**/*.jsp=admin,user,yourROLE
/clickstreams.jsp*=admin
/flushCache.*=admin
/passwordHint.html*=ROLE_ANON
Yesh wrote:
>
> Hi,
>
> I have added a folder which contains some jsp files in appfuse
> application. How to give security to those files.
>
--
View this message in context:
http://www.nabble.com/ACEGI-SECURITY-tf2917819s2369.html#a8185421
Sent from the AppFuse - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
