Since no one responded, does that mean there's nothing wrong with the xml
below?
It's still not working. Any suggestions would be welcome.
--Michael
-----Original Message-----
From: Michael Molloy [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 29, 2001 7:41 PM
To: Tomcat
Subject: How to prevent a .jsp from being accessed directly?
I'm using the following web.xml file inside a servlet context
(/opt/tomcat/webapps/staging/WEB-INF/web.xml). However, it's not preventing
direct access to the jsp file, which is what I'm hoping to achieve. I got
this from the O'Reilly Javaserver Pages book, but it's not working. Any
suggestions?
Thanks
--Michael
<web-app>
<servlet>
<servlet-name>RosterServlet</servlet-name>
<servlet-class>RosterServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>RosterServlet</servlet-name>
<url-pattern>/process</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>no-access</web-resource-name>
<url-pattern>selectroster.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>nobody</role-name>
</auth-constraint>
</security-constraint>
</web-app>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]