Struts does allow you to place all your files including jsp files under the web-inf directory, and therefore make them much more difficult for outsiders to view. You also don't have to give the name of the jsp file you want to access from a form submission/link.
action="someJsp.do" in the struts-config.xml script: <action path="/someJsp" forward="/web-inf/jsp/aJspFile.jsp"/> Hope this helps Peter ----- Original Message ----- From: Daniel Jimenez <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: Steve Goldsmith <[EMAIL PROTECTED]> Sent: Monday, November 26, 2001 10:29 PM Subject: MVC security? This issue has probably already been covered but if someone could lend me a hand in describing any security benefits of having an MVC framework. I'm not a security expert by any means, but my gut reaction is that the struts framework provides some increase in security. Could someone respond back and describe what they are or aren't? Thanks in advance!! Dan Jimenez Briggs & Stratton -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>