I am trying to restrict access to http://www.theserver.com:jbossportnum/WEB-INF./web.xml. This opens up the \default\deploy\http-invoker.sar\invoker.war\WEB-INF\web.xml file and views in the browser. Is there a way to redirect or just not allow access to this file?