how to prevent unauthorised user from accessing a file by typing the URL directly using a servlet as the preventive measure is what has been a sore for me for some time now.i would be very grateful for any opinion.thanks
elnuk 0 Newbie Poster
masijade 1,351 Industrious Poster Team Colleague Featured Poster
Like I have said before (and I believe to you) was write a servlet that takes a filename as one of the parameters and then have that servlet check the session information before returning the contents of the file. It is not that hard, already. I am not, however, going to just give you code for it. Try to write it. I will help you correct it, but I will not write it for you.
elnuk 0 Newbie Poster
thanks a lot masijade.The web app i'm trying to develop has a servlet acting as a front controller which does the redirecting to where the files are located,if a user gets hold of the url such as,
www.mywebapp.com/.../about.pdf.the resource is accessed directly without going through the front controller.I have an idea of 3 ways to solve this problem which is,
1. ht_access 2. mod_rewrite module 3. use a server side scripting facility.
I intend implementing the 3rd one.how is it possible for me to get the address directly typed in the address bar so i can pass it into the servlet
masijade 1,351 Industrious Poster Team Colleague Featured Poster
So don't redirect. Have the servlet deliver it directly! As I have already said.
If the file is a pdf, set the response objects content type to pdf, read the PDF bytes and send them directly to the responses output stream.
Like I said, the servlet returns the file, it does not redirect. I never said anything about redirecting, I never even hinted at that!
elnuk 0 Newbie Poster
THANK YOU VERY MUCH,u'r an heaven sent.this did it all
...
File file = new File ("/.../resources" + fileName);
InputStream in = new FileInputStream(file);
ServletOutputStream outs = response.getOutputStream();
int bit = 256;
int i = 0;
try {
while ((bit) >= 0)
{
bit = in.read();
outs.write(bit);
}
} catch (IOException ioe)
{
ioe.printStackTrace(System.out);
}
outs.flush();
outs.close();
in.close();really grateful.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.