Hi,
Sorry if this is a simplistic question. However what is the expected behavior of a jsp file in a common zone that anyone can access, that includes a file in a secured/restricted URL space?
I am using JBoss 3.0.7, and I am not being prompted to go to my login.jsp page.
Should I be doing redirects or forwards? Could it be that it is compiling the JSPs with all the included secure JSPs before the JAAS security takes a look at it?
common.jsp
...
<jsp:include page="/secure/secure.jsp"/>
...
in the web.xml file we have set up the /secure/* URL space as secure. If I try to access the secure.jsp directly I get forwarded correctly to a login page.
Thanks