tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Layman <>
Subject RE: Accessing protected files trough JSP how?
Date Fri, 31 Aug 2001 18:42:32 GMT

	The JSP/servlet could use the classes
to read the file and stream it out to the web browser - this way the files
wouldn't even have to be in the webapps directory.


> -----Original Message-----
> From: Roland []
> Sent: Friday, August 31, 2001 2:22 PM
> To:
> Cc:
> Subject: Accessing protected files trough JSP how?
> Hello,
> we are creating a JSP web-page for several users with login.
> Now my question is, each user has specific files, which other users
> shouldn't be allowed to read. Now one alternative would be to create a
> directory for each user and only assign the specific user the 
> rights to read
> that directory using the web.xml file. I think that is a lot 
> of overhead,
> because if you have 500 users you will have to create 500 
> dirs, and put 500
> roles in your web-xml file.
> But there is another approach idea which I think is simpler 
> to implement.
> Instead of creating one dir for each user, how about storing 
> all files on
> the same dir. The dir shouldnt be accessible for any of the 
> users, and the
> files should be accessed through a JSP page. The JSP page 
> would decide which
> file to show to which user depending on his userid.
> The problem is, how can the JSP page access a file that is 
> not accessible to
> the user?
> Any ideas here?
> Thanks Roland

View raw message