I saw many sample applications given by books do not put their JSPs inside the WEB-INF directory. But, I am wondering why! If we are using MVC, we only want the client to directly access our servlets but not the JSPs. Putting JSPs above WEB-INF means exposing them to the client.
Would there be any other considerations in deciding where to place the JSPs?
I think it's pretty simple and straight-forward. If you want the JSP to be directly addressable put it outside WEB-INF. If you do not want it to be, put it inside WEB-INF.
My apps generally have an index.jsp at the root which redirects them to the controller for the home page. All other JSPs, sometimes with the exception of error pages, are hidden behind WEB-INF so that they can only be displayed by going through the appropriate controller/action.
To each, of course. Everyone is free to decide what is best for their own application.
However, I find the "some containers do not support it" reasoning rather specious. If you are not being forced to use a broken container, why cripple your application structure with provisions for a container that doesn't work right? One might argue that it limits the portability of the app, but why would you migrate from a container that works to one that doesn't?
And I competely do not understand the assertion that using Struts-like actions hides anything. Whether the controller execution unit is a servlet or an "action" has no bearing whatsoever on the addressability of the JSPs.
By the way, that thread is also 3 years old. Times and accepted practices change.
I dare not challenge the authority.
There are differing opionions among "authorities". Do you not think that it'd be best to solicit such opinions -- as indeed you are doing now -- and then make up your own mind as to which suits you and your app best?