Edwin,
Thanks for your post.
What I meant is I accidentally found that I can see the content of my web.xml application and also the .class files inside the WEB-INF if I type: "http://myapps/WEB-INF/web.xml" or if I type "http://myapps/WEB-INF/beans/myJavaProgram.class"
I'm not too familiar with Apache itself, it's a legacy system and no apache expert in our team yet. Here is the setting. Can you please advise how should I change this?
Note:
In one of the JSP pages, I also served some data from "/WEB-INF/data", so I want it to be accessible from my JSP but not from outside.
Example:
I know
Servlet is better for this. But for now this JSP page must stay.