tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Layman <randy.lay...@aswethink.com>
Subject RE: Accessing protected files trough JSP how?
Date Fri, 31 Aug 2001 18:42:32 GMT

	The JSP/servlet could use the java.io.File/FileInputStream classes
to read the file and stream it out to the web browser - this way the files
wouldn't even have to be in the webapps directory.

	Randy

> -----Original Message-----
> From: Roland [mailto:roland@netquant.com.br]
> Sent: Friday, August 31, 2001 2:22 PM
> To: tomcat-user@jakarta.apache.org
> Cc: tomcat-dev@jakarta.apache.org
> Subject: Accessing protected files trough JSP how?
> 
> 
> Hello,
> we are creating a JSP web-page for several users with login.
> Now my question is, each user has specific files, which other users
> shouldn't be allowed to read. Now one alternative would be to create a
> directory for each user and only assign the specific user the 
> rights to read
> that directory using the web.xml file. I think that is a lot 
> of overhead,
> because if you have 500 users you will have to create 500 
> dirs, and put 500
> roles in your web-xml file.
> 
> But there is another approach idea which I think is simpler 
> to implement.
> Instead of creating one dir for each user, how about storing 
> all files on
> the same dir. The dir shouldnt be accessible for any of the 
> users, and the
> files should be accessed through a JSP page. The JSP page 
> would decide which
> file to show to which user depending on his userid.
> The problem is, how can the JSP page access a file that is 
> not accessible to
> the user?
> 
> Any ideas here?
> 
> 
> Thanks Roland
> 

Mime
View raw message