Hi david, I´ve done this, but when he´s try to access the first page (index.jsp) he says:
Configuration error: Cannot perform access control without an authenticated principal It´s because of the web.xml file that has the tag <welcome-file-list>. How can I fix this? Julio Cesar -----Mensagem original----- De: David Graham [mailto:[EMAIL PROTECTED]] Enviada em: quarta-feira, 29 de janeiro de 2003 18:42 Para: [EMAIL PROTECTED] Assunto: Re: Accessing JSP's under WEB-INF For a portable solution, put this in your web.xml file instead: <security-constraint> <web-resource-collection> <web-resource-name>SecureAllJSPs</web-resource-name> <url-pattern>*.jsp</url-pattern> </web-resource-collection> <auth-constraint> <description> Protects all JSP files from direct access. Clients must go through the controller servlet. </description> <role-name>nobody</role-name> </auth-constraint> </security-constraint> <security-role> <description>No one should be put in this role.</description> <role-name>nobody</role-name> </security-role> >From: "James Mitchell" <[EMAIL PROTECTED]> >Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> >To: "Struts Users Mailing List" <[EMAIL PROTECTED]> >Subject: Re: Accessing JSP's under WEB-INF >Date: Wed, 29 Jan 2003 15:52:51 -0500 > >Aside from the fact that not every container supports it, no. > > >-- >James Mitchell > > > > > >----- Original Message ----- >From: "White, Joshua A (AG, COMM)" <[EMAIL PROTECTED]> >To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]> >Sent: Wednesday, January 29, 2003 3:04 PM >Subject: RE: Accessing JSP's under WEB-INF > > > > James, > > > > I couldn't have ask for anything more. > > > > Does anyone know of any performance problems with organizing your code >in > > the manner? > > > > Joshua > > > > -----Original Message----- > > From: James Mitchell [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, January 29, 2003 2:57 PM > > To: Struts Users Mailing List > > Subject: Re: Accessing JSP's under WEB-INF > > > > You can download the struts-example that was modified to demonstrate >this > > from the following URL: > > > > http://www.open-tools.org/struts-atlanta/downloads > > > > > > > > -- > > James Mitchell > > > > > > > > > > > > ----- Original Message ----- > > From: "White, Joshua A (AG, COMM)" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Wednesday, January 29, 2003 2:51 PM > > Subject: Accessing JSP's under WEB-INF > > > > > > > Hello all, > > > > > > I would like to put my struts related jsp files under the web-inf > > directory > > > in a folder called "securedocroot" so that they have no chance of >being > > > called directly. The problem is that I do not know how you would call >a > > > page from this folder. How would you map these jsp's in the >struts-config > > > file? > > > > > > If you have done this in an existing application, would you mind >positing > > > some example code and possible a brief explanation? > > > > > > Regards, > > > > > > Joshua > > > > > > > > > This communication, including attachments, is for the exclusive use of > > > addressee and may contain proprietary, confidential or privileged > > > information. If you are not the intended recipient, any use, copying, > > > disclosure, dissemination or distribution is strictly prohibited. If > > > you are not the intended recipient, please notify the sender > > > immediately by return email and delete this communication and destroy >all > > copies. > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] _________________________________________________________________ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.445 / Virus Database: 250 - Release Date: 21/01/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.445 / Virus Database: 250 - Release Date: 21/01/2003 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]