File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
A friendly place for programming greenhorns!
Big Moose Saloon
Register / Login
Win a copy of
EJB 3 in Action
this week in the
EJB and other Java EE Technologies
Allow index.jsp but disallow access to any other jsp's
Joined: May 05, 2006
Jun 08, 2007 08:56:00
I have this in my web.xml:
<security-constraint> <web-resource-collection> <web-resource-name>no_access</web-resource-name> <url-pattern>*.jsp</url-pattern> </web-resource-collection> <auth-constraint/> </security-constraint>
Is there a way I can allow access to index.jsp, but block access to any other jsp? Thanks in advance.
Author and ninkuma
Joined: Jan 10, 2002
Jun 08, 2007 09:03:00
A frequent means to accomplish this that doesn't require any configuration is to place index.jsp at the web app root, and to place all others in the folder structure under WEB-INF.
Asking smart questions
Books by Bear
I agree. Here's the link:
subject: Allow index.jsp but disallow access to any other jsp's
web.xml security-constraint question
Disallow access to *.jsp
related to auth constraint
Tips on form-based authetication
All times are in JavaRanch time: GMT-6 in summer, GMT-7 in winter
| Powered by
Copyright © 1998-2014