I can set JAAS access permissions on methods in servlets and beans. What about other files, like JSPs, HTMLs, etc.?
Has anyone tried to set security constraints on JSPs, like what can be done on servlets in web.xml?