Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 16875 invoked from network); 1 Sep 2006 14:17:18 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 1 Sep 2006 14:17:18 -0000 Received: (qmail 96749 invoked by uid 500); 1 Sep 2006 14:17:04 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 96724 invoked by uid 500); 1 Sep 2006 14:17:04 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 96713 invoked by uid 99); 1 Sep 2006 14:17:04 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 01 Sep 2006 07:17:04 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [193.196.64.6] (HELO rz06.hs-karlsruhe.de) (193.196.64.6) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 01 Sep 2006 07:17:03 -0700 Received: from klma0001 (helo=localhost) by rz06.hs-karlsruhe.de with local-esmtp (Exim 4.62) (envelope-from ) id 1GJ9p4-000JmC-E8 for users@tomcat.apache.org; Fri, 01 Sep 2006 16:16:42 +0200 Date: Fri, 1 Sep 2006 16:16:42 +0200 (CEST) From: Matthias Klein To: users@tomcat.apache.org Subject: Handling file downloads? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: Matthias Klein X-Info: klma0001@hs-karlsruhe.de using (host: ) X-Info1: sdom hs-karlsruhe.de sg2 *.hs-karlsruhe.de X-Info3: sdom hs-karlsruhe.de sg2 *.hs-karlsruhe.de X-Info10: sdom hs-karlsruhe.de sg2 *.hs-karlsruhe.de:*.hs-karlsruhe.de X-Info12: matches - host unknown MX, D X-Info31: Zerocount 0 X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Hi everyone, What is the best method of handling files that are to be offered for download? I have a web application that uses JSF as presentation framework. This web app is available as both stand-alone application in Tomcat as well as portlet deployed within a portlet container that relies on tomcat. This app is supposed to deliver files. For instance, it renders a button or link and when a user clicks on it, one of the two following things should happen: 1. the file is offered for download so the user can just download it 2. the file is a html file and should be displayed in a new browser window, thereby obtaining embedded objects (e.g. images that the html file refers to) However, this functionality should be offered to users depending on their access rights. If user B is not allowed to download file X, he should not be able to. What is the best method / way of handling this? The simple way of storing all files in something like %CATALINA_HOME%/webapps/files and then just render a download link referring to a file within won't work because everyone could access the files via URL. (Plus I don't like storing the files within CATALINA_HOME. What if I want to store them anywhere in the file system of the host?) In addition, some files have to be altered for some persons (e.g. before being delivered to user A, file X.html has to be processed and altered to meet the needs of user A. ONLY user A should see the altered X.html (X_altered_for_user_A.html). So this above approach looks "dirty" to me and doesn't live up to my expectations. But how does one deal with this "offering files for download" issue in a good, elegant way? There must be some nice way because like every CMS that uses tomcat offers just that. Any idea? Thanks a lot Matt --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org