I've heard of this approach to protecting access to JSP pages but I've never been able to get it to work. How, exactly, do you route to a JSP in the /WEB-INF directory? Could you maybe provide a little of the struts-config.xml file that would do this or the code in the Action class that does this?
Thanks. >>> [EMAIL PROTECTED] 01/13/03 08:50AM >>> I place them all under /WEB-INF and force them to go through my action classes. There are other ways, but this is the most convenient for me. <disclaimer> Use at your own risk. Not all containers support doing it this way. </disclaimer> -- James Mitchell > -----Original Message----- > From: Colquhoun, Adrian [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 13, 2003 10:41 AM > To: '[EMAIL PROTECTED]' > Subject: Controlling Direct Access to jsp pages > > > > Hi > > If I have three pages in my view layer that must be called in > sequence e.g. > > - step1.jsp then > - step2.jsp then > - step3.jsp > > How do I ensure that my users do not call step2 and step3 > directly via a > web browser. Do I need to use a custom tag in pages 2 and 3 > to check this > or is there some way to force all requests for .jsp pages in > my application > to route via the ActionServlet > > Thanks > > Adrian > > > ============================================================== > ========= > Information in this email and any attachments are > confidential, and may > not be copied or used by anyone other than the addressee, nor > disclosed > to any third party without our permission. There is no intention to > create any legally binding contract or other commitment > through the use > of this email. > > Experian Limited (registration number 653331). > Registered office: Talbot House, Talbot Street, Nottingham NG1 5HF > > -- > To unsubscribe, e-mail: > <mailto:struts-user-> [EMAIL PROTECTED]> > For > additional commands, > e-mail: <mailto:[EMAIL PROTECTED]> > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>