Is there a way to exclude certain items from the <url-pattern> of a web-resource collection?
I was trying to include some images in my login page, but because my <url-pattern> for my web app is /* the folder (and thus the images in it) are protected, the login page loads, but the images do not.
I could change all of the servlets to map to something underneath root (e.g. /webapp/xxxx ) and protect only webapp, but I'd rather have all of the servlets map directly under /.
Also, is there a reason why mapping all servlets directly under / might not be a good idea?
No, you have to arrange the web site urls into secured and unsecured sections as you cannot exclude urls from a resource collection.