URGENT: WEB app. protected JSPs


Web tier: servlets, JSP, Web frameworks: URGENT: WEB app. protected JSPs

  1. URGENT: WEB app. protected JSPs (1 messages)

    hello all

    I want to protect all JSPs in my app. (using web-resource-collection) except one (logon.jsp), how can I do it ?


    <!ELEMENT web-resource-collection (web-resource-name, description?,
    url-pattern*, http-method*)>
  2. URGENT: WEB app. protected JSPs[ Go to top ]

    Unfortunately, the web.xml file only allows you to specify resource that your are protecting, and does not allow exclusions. You need to:

    1. Protect all your directories: /directory/*
    2. Project all the JSP in your root directory: /index.jsp
    3. Leave login.jsp off this list.

    Another trick: make your login page some other than a JSP: login.html. Then you can protect *.jsp and login.html will not be protected.