Discussions

Web tier: servlets, JSP, Web frameworks: file download authentication

  1. file download authentication (3 messages)

    I need to limit the files to be download without authencitation. Such as

    /download/a.zip
    /download/b.pdf
    /login.jsp

    If a user knows the path and the filename of download file, he could download the file via HTTP GET. I want the user to login the system before he download the files. Is a servlet which is mapping to /download/* could protect the download?

     
    the second problem is:

    /files/a.zip
    /files/b.pdf
    /webroot/index.jsp

    the files to be downloaded are not in the folder of the webapp, I need a servlet to read the files, then send to the clients. could anybody help me?

    Any responses are appreciated.

    Threaded Messages (3)

  2. file download authentication[ Go to top ]

    Hi,
    You could use a filter that checks if the requested resource needs a login and continue the request processing if eveything is ok, or forwards to an error page otherwise.
    Best regards, Mircea
  3. file download authentication[ Go to top ]

    See for example Download servlet in JSOS:
    http://www.servletsuite.com/servlets.htm
  4. file download authentication[ Go to top ]

    You can protect your resources thru
    security-constraint tag in web.xml

    Thanks,
    Badrish