tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Protecting a directory with non-JSP/servlet files
Date Mon, 09 Oct 2000 04:28:57 GMT
What i am trying to do is to protect a folder with RealPlayer .ram files  and allow access
only after the user is
 authenticated (username/password) from a database (USERS table)

First i tried Tomcat's JDBC realm but i found out that it only protects .jsp files and servlets
, not even .html files.

Then i thought that since it's apache that serves all the non sp files/servlets of course
the JDBC realm cannot protect them , but Apache protection does not offer a database authentication
method. I need a database because i want the user to be able to register via a registration
page in which he/she selects a username and a password , submits the form an the record goes
into the USERS table. 

Finally  i tried to do custom-based protection , by protecting the folder with a servlet (url-mapping)
and telling tomcat to send all the requests to .ram files to the Authenticator servlet which
will look-up the username in the database or check the users session and the forwrd the request
to the appropriate .ram file. 

Unfortunatelly the following line does not work  properly :
getServetContext().gerRequestDispatcher("/media/a_sample_ram_file.ram").forward(request, response);
It creates infinite calls to the Servlet's doGet() method and then i get stack overflow. 

A .ram file is a very simple text file that has a single line like " rtsp://realServerHost/mountpoint/media_file.rm"
When a browser invokes a .ram file it spawns RealPlayer and then RealPlayer connects to the
REalServer to the location rtsp://realServerHost/mountpoint/media_file.rm and RealServer starts
streaming the media file.
But forwarding to a .ram file deom Tomcat does not produce that result. 

If anyone has worked with Tomcat and RealPlayer .ram files,  any help would be appreciated


View raw message