This week's book giveaways are in the iOS and Features new in Java 8 forums. We're giving away four copies each of Barcodes with iOS: Bringing together the digital and physical worlds and Core Java for the Impatient and have the authors on-line! See this thread and this one for details.
How can I prevent a user from accessing some directories inside a webapp? I have some configuration XML items and these can be viewed by the browser if the full path is known. Is there a setting which I can add in web.xml for my webapp, which can display some sort of (404) error with a mapping to the directory?
If you put your configuration items under the WEB-INF directory, Tomcat will not serve them. Thats the whole idea behind WEB-INF - concealed from browsers but available to applications. If you do this right your file locations will not be dependent on absolute file locations. See the methods in javax.servlet.ServletContext such as getRealPath()