Hi,

Use <web-resource-collection>
<web-resource-name>
<url-pattern>
<auth-constraint>...
in web.xml. Is this something that you are looking for?



>From: Katz Guy <Guy_Katz@(protected)>
>Reply-To: "A mailing list for discussion about Sun Microsystem's Java
>      Servlet API Technology." <SERVLET-INTEREST@(protected)>
>To: SERVLET-INTEREST@(protected)
>Subject: Protecting resources under request dispacher declarativally?
>Date: Sun, 8 Feb 2004 14:13:38 +0200
>
>Hi;
>I am using an MVC framework and need to enforce security constarints on
>JSPs
>under a specific folder which is access through the framework navigation
>handler.
>My app structure:
>      /app/1.jsp
>      /app/protect/2.jsp //need to protect this
>Its my understanding that the request dispatcher does not take into
>consideration the security constraints. So if I put a constraint in the DD
>on the 'protected' it will not do the trick. What is the thought behind
>this?
>Is there a way of doing this declaritavely?
>What alternatives do I have(besides plain programatic)?
>thanks
>
>
>
>___________________________________________________________________________
>To unsubscribe, send email to listserv@(protected)
>of the message "signoff SERVLET-INTEREST".
>
>Archives: http://archives.java.sun.com/archives/servlet-interest.html
>Resources: http://java.sun.com/products/servlet/external-resources.html
>LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>

_________________________________________________________________
Keep up with high-tech trends here at "Hook'd on Technology."
http://special.msn.com/msnbc/hookedontech.armx

___________________________________________________________________________
To unsubscribe, send email to listserv@(protected)
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html