I'm working on
Servlets 4b, and I have a question!
If someone knows the name of one of the
jsp pages and types it in the address bar of their browser, should the page display at all? I don't see how you can avoid the page being displayed, but if the user didn't enter through the login page with the correct password, then the jsp shouldn't be able to use the servlet. Is that a fair assessment?