This rule raises an issue when a configured Java package or class is used in a JSP file.
Noncompliant code example
Given a disallowed list of java.sql,ArrayList:
<%@ page import="java.sql.*" %> <!-- Noncompliant -->
<% java.util.ArrayList clients; %> <!-- Noncompliant -->
<% java.lang.String name; %> <!-- Compliant -->
