If I add a security constraint to block direct access to jsp outside of
/WEB-INF/ it blocks the welcome-file with a 403.  Is there a caveat for
using this here?

<!-- Restricts access to pure JSP files - access available only via Struts
action -->
         <display-name>No direct JSP access</display-name>

         <description>Don't assign users to this role</description>


Cheers Greg

