I've tried this with Struts but found it to be unwieldly in the struts-config.xml file.
Do you make an <action>, and a <forward>, for every single "real" JSP page? Kind of a pain in the buttocks if you ask me, but I see where you're going with the idea of centralizing access control, exception handling, etc. I wonder if I'm not doing it as elegantly as I could (with respect to the struts-config file). I also wonder if using the new Filtering scheme (which Struts doesn't do anything with), is a more elegant way of inserting that layer in front of every JSP access, rather than a Struts action. Thanks, Bryan On Tue, 2001-12-18 at 10:53, Ted Husted wrote: I do strongly recommend that all references go through actions or forwards, and that a Struts application never link directly to a JSP. This makes where the JSPs are kept less of an issue, since that location is never revealed on the address bar. Heck, there's no reason for anyone to even know that they are JSPs back there to access ;-)