aspose file tools*
The moose likes JSP and the fly likes Accessing images under WEB-INF Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Accessing images under WEB-INF" Watch "Accessing images under WEB-INF" New topic
Author

Accessing images under WEB-INF

Bunty Paul
Greenhorn

Joined: Jun 26, 2006
Posts: 28
I need to store certain sensitive images under WEB-INF folder so that i will prevent users from accessing the images directory from the URL.

But in JSP i have to show the image like

<img src="/app/WEB-INF/images/my-image.gif" >

but still i can not view this image. How can i achieve this?


Note: these images are dynamically generated during file upload which is done previously
Rahul Bhattacharjee
Ranch Hand

Joined: Nov 29, 2005
Posts: 2308
Resources that are stored under WEB-INF are not publically visible.
You cannot use GET command to fetch those resources.


Rahul Bhattacharjee
LinkedIn - Blog
Bunty Paul
Greenhorn

Joined: Jun 26, 2006
Posts: 28
But is there any way i can achieve this...

1) I have to restrict users from directly accessing images folder

2) I should be able to display this image through my JSP
Rahul Bhattacharjee
Ranch Hand

Joined: Nov 29, 2005
Posts: 2308
Originally posted by Bunty Paul:
But is there any way i can achieve this...

1) I have to restrict users from directly accessing images folder

2) I should be able to display this image through my JSP


Your jsp's can access the resources under WEB-INF directly , but when you generate the img html tag using the jsp then its not fetching the image.The image fetching is done by the browser/ client when the jsp gets rendered.So the browser is trying to fetch the image ,which is stored within the WEB-INF.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42267
    
  64
Instead of letting the web server (or servlet container) serve the images directly, you can create a servlet that streams the images to the client. So instead of "img src="xyz.jpg" you'd have a URL like "img src="ImageServlet?src=xyz.jpg". Then you can keep the images in the WEB-INF folder (or in any other directory that's not publicly accessible), because the servlet can read the images from there, but not the browser.
[ December 11, 2006: Message edited by: Ulf Dittmer ]

Ping & DNS - my free Android networking tools app
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

I have an example app on my site that does just this.
http://simple.souther.us

Look for SimpleStream.


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Bunty Paul
Greenhorn

Joined: Jun 26, 2006
Posts: 28
Thanks all, thats the way i wanted.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Accessing images under WEB-INF