tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roland" <>
Subject Accessing protected files trough JSP how?
Date Fri, 31 Aug 2001 18:21:42 GMT
we are creating a JSP web-page for several users with login.
Now my question is, each user has specific files, which other users
shouldn't be allowed to read. Now one alternative would be to create a
directory for each user and only assign the specific user the rights to read
that directory using the web.xml file. I think that is a lot of overhead,
because if you have 500 users you will have to create 500 dirs, and put 500
roles in your web-xml file.

But there is another approach idea which I think is simpler to implement.
Instead of creating one dir for each user, how about storing all files on
the same dir. The dir shouldnt be accessible for any of the users, and the
files should be accessed through a JSP page. The JSP page would decide which
file to show to which user depending on his userid.
The problem is, how can the JSP page access a file that is not accessible to
the user?

Any ideas here?

Thanks Roland

View raw message