I have 20 jsp's in my application, in that i have a login.jsp and loginsuccess.jsp and others are dynamic page (like pop up, search and dynamic jsp). I don't want users directly open this jsp as this has to be part of the main jsp (means invocation should happen from main jsp)
is there a way to block the users from accessing this jsp other than loginsuccess jsp.
posted 8 years ago
See the section entitled "Safeguarding JSPs" in this article