How to Protect JSPs from direct access ?
JSPs located in the WEB-INF and its sub directories are protected from outside access. If you want to go page1.jsp from page2.jsp
<html:link action="gotoPage2">Go to Page 2</html:link>
in the struts-config.xml Code:
<action path="/gotoPage2" parameter="/WEB-INF/page2.jsp" type="org.apache.struts.actions.ForwardAction"/>