The orders of these entries is important. You should also make sure and use /secure/** instead of /secure/*.
Matt On Sun, Jul 27, 2008 at 8:20 AM, alibehzadian <[EMAIL PROTECTED]> wrote: > > Hi there, > > I want to secure my upload directory so not logged-in users can not see the > files. > I added > <intercept-url pattern="/secure/*" access="ROLE_ADMIN"/> > (I upload files to this directory and its sub directories) > to security.xml but it seems that it does not work fine and even > not logged-in users can see this files. > > Thanks, > Ali behzadian Nejad. > -- > View this message in context: > http://www.nabble.com/How-to-have-secure-files--tp18676814s2369p18676814.html > Sent from the AppFuse - User mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
