If your SystemOut.log shows the following warning message, you need to specify a whitelist and a blacklist for your custom web application:
[3/24/16 12:18:17:143 SGT] 0000027f AbstractReque W com.ibm.wps.resolver.resource.AbstractRequestDispatcherFactory matchesWebAppDefault(aResource) Servlet context [/WebApp] does not specify a blackwhite list when accessing resource [themes/html/dynamicSpots/custom/header.jsp], falling back to the default [[whitelist(null), blacklist(WEB-INF/.*)]]. Applications can define a custom list by adding the keys [com.ibm.portal.resource.whitelist] and [com.ibm.portal.resource.blacklist] to their web.xml deployment descriptor. For details see information for APAR PI47714 related to CVE-2014-8912 (Security bulletin: http://www.ibm.com/support/docview.wss?uid=swg21963226).
Add the following parameters to your web.xml and redeploy your application:
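As an added illustration (not the snippet from the original post), the two keys named in the warning can be declared as `context-param` entries in the application's web.xml. The `context-param` form and the pattern values below are assumptions: the whitelist is a constructed pattern narrowed to the theme path seen in the warning, and the blacklist repeats the default shown in the log.

```xml
<!-- Added example: fragment to place inside <web-app> in WEB-INF/web.xml -->

<!-- Assumed value: allow only the theme resources this application serves.
     Keep the pattern as narrow as the application allows; a catch-all
     pattern would expose every non-blacklisted resource. -->
<context-param>
    <description>Resources that may be served from this web application</description>
    <param-name>com.ibm.portal.resource.whitelist</param-name>
    <param-value>themes/html/.*</param-value>
</context-param>

<!-- Same pattern as the default blacklist reported in the warning:
     nothing under WEB-INF is served. -->
<context-param>
    <description>Resources that must never be served from this web application</description>
    <param-name>com.ibm.portal.resource.blacklist</param-name>
    <param-value>WEB-INF/.*</param-value>
</context-param>
```

After redeploying, check SystemOut.log to confirm the `matchesWebAppDefault` warning no longer appears for the `/WebApp` context.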
http://mygeekjourney.com/websphere-portal/websphere-portal-specify-white-black-list-web-application/