0 Replies Latest reply on Sep 4, 2003 10:53 PM by arrow42

    expected behavior? jsp:include other jsp pages in secure are

    arrow42 Newbie


      Sorry if this is a simplistic question. However what is the expected behavior of a jsp file in a common zone that anyone can access, that includes a file in a secured/restricted URL space?

      I am using JBoss 3.0.7, and I am not being prompted to go to my login.jsp page.

      Should I be doing redirects or forwards? Could it be that it is compiling the JSPs with all the included secure JSPs before the JAAS security takes a look at it?

      <jsp:include page="/secure/secure.jsp"/>

      in the web.xml file we have set up the /secure/* URL space as secure. If I try to access the secure.jsp directly I get forwarded correctly to a login page.