more about login

[Adam Hardy <ah...@cyberspaceroad.com>]

I've hit a conflict in my security set-up. I am using container-managed 
security with the FORM option and so far I have a login.jsp and an 
error.jsp which work fine.

The conflict is now that I want to put my JSPs in my WEB-INF directory 
for protection's sake.

Tomcat can't handle this because it can't see the login and error pages 
under WEB-INF.

The only options I think I have is (a) use html files not under WEB-INF 
or (b) set up an action forward mapping to inside WEB-INF

I want to use JSPs and not just html files because I want to localise 
them for language etc.

But I am not sure about (b) being advisable or working in any other 
container - in fact I haven't tested it with tomcat yet.

Any comments?

Thanks
Adam



---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org