0 Replies Latest reply on Sep 4, 2003 10:53 PM by arrow42

    expected behavior? jsp:include other jsp pages in secure are

    arrow42 Newbie

      Hi,

      Sorry if this is a simplistic question. However what is the expected behavior of a jsp file in a common zone that anyone can access, that includes a file in a secured/restricted URL space?

      I am using JBoss 3.0.7, and I am not being prompted to go to my login.jsp page.

      Should I be doing redirects or forwards? Could it be that it is compiling the JSPs with all the included secure JSPs before the JAAS security takes a look at it?


      common.jsp
      ...
      <jsp:include page="/secure/secure.jsp"/>
      ...

      in the web.xml file we have set up the /secure/* URL space as secure. If I try to access the secure.jsp directly I get forwarded correctly to a login page.

      Thanks