posted 12 years ago
I think that there isn't vendor-independent way to do it. Although I haven't noticed it in servlet spec. What you can do, you can put your protected files under WEB-INF. Or just put index.html into all directories, as almost all vendors uses this file as index/welcome file.