struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Saravanan Veerappan <saro_...@yahoo.com>
Subject Re: [OT] secure jsp in web application
Date Wed, 17 Nov 2004 22:33:33 GMT
If you don't want to expose your jsp's by url, place your files under /WEB-INF directory of
your web application. You do not need to declare in web descriptor.

Ashish Kulkarni <kulkarni_ash1312@yahoo.com> wrote:
Hi
I dont want anyone to access them, still do i have to
add auth-constraint in web.xml file?? 
if yes how do i add them with no user??

Ashish
--- Saravanan Veerappan wrote:

> Can you post the entire web descriptor? i don't see
> auth-constraint specified in the snippet. You need
> to apply authorization constraint to protect your
> pages/
> 
> Ashish Kulkarni 
> wrote:Hi
> I want to secure all my jsp in my web application, 
> I added following security constraint in my web.xml
> file, but some how seems it does not work
> 
> 
> Block Access to jsp
> files
> This is to block access to all jsp
> files
> *.jsp
> POST
> GET
> 
> 
> 
> what may be the reason??
> 
> Ashish
> 
> =====
> A$HI$H
> 
> 
> 
> __________________________________ 
> Do you Yahoo!? 
> The all-new My Yahoo! - Get yours free! 
> http://my.yahoo.com 
> 
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> user-unsubscribe@struts.apache.org
> For additional commands, e-mail:
> user-help@struts.apache.org
> 
> 
> 
> 
> ---------------------------------
> Do you Yahoo!?
> Discover all that’s new in My Yahoo!


=====
A$HI$H



__________________________________ 
Do you Yahoo!? 
Meet the all-new My Yahoo! - Try it today! 
http://my.yahoo.com 



---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


			
---------------------------------
Do you Yahoo!?
 The all-new My Yahoo! – Get yours free!    
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message