Hi, I have a Struts based application and would like to block all direct access to JSP files by user, so if a user typing a URL point to a JSP file directly, it will fail. I did a change to web.xml but not working on Websphere 4.0.3 (I should post to websphere news group but I hope some one here already did the same thing) here is my web.xml config relate to this web resource protection, It works fine on tomcat, but never in Websphere, any idea?
<security-constraint> <web-resource-collection> <web-resource-name>blockJSPDirectAccess</web-resource- name> <description>to block JSP direct access</description> <url-pattern>*.jsp</url-pattern> </web-resource-collection> <auth-constraint> <description></description> <role-name></role-name> </auth-constraint> </security-constraint> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]