struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: Best practice for protecting JSPs
Date Mon, 01 Jul 2013 08:28:10 GMT
Protecting JSP in what way?
Though putting them under WEB-INF is a good approach

But you need to provide more information about what kind of protection you want to have 
Sent from BlackBerry® on Airtel

-----Original Message-----
From: Antonio Sánchez <>
Date: Mon, 01 Jul 2013 10:24:15 
To: <>
Reply-To: "Struts Users Mailing List" <>
Subject: Best practice for protecting JSPs

I need to protect JSPs. Some options:

1. Put JSPs under WEB-INF and, optionally, use the conventions plugin. 

2. Declare authorization constraints in web.xml.

3. Use some external tool, perhaps Spring Security.

4. Some other options. 

Which is the best practice in Struts2?


View raw message