[jboss-user] [JBoss Portal] - Re: Best practice: secure direct web app access
PeterJ
do-not-reply at jboss.com
Thu Mar 20 13:33:26 EDT 2008
Any content you reference in your portlet code (within Java or a JSP) you can place into WEB-INF, but anything that will be referenced via a URL embedded in an html document sent to the browser will need to remain outside of WEB-INF. Thus you might have to leave the css, javascripts and images outside WEB-INF. One possible alternative is to place these items into CMS and access them from there; you can even apply access control to them so they cannot be accessed except by people logged into the portal.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4138111#4138111
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4138111
More information about the jboss-user
mailing list