• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Accessing images under WEB-INF

 
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I need to store certain sensitive images under WEB-INF folder so that i will prevent users from accessing the images directory from the URL.

But in JSP i have to show the image like

<img src="/app/WEB-INF/images/my-image.gif" >

but still i can not view this image. How can i achieve this?


Note: these images are dynamically generated during file upload which is done previously
 
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Resources that are stored under WEB-INF are not publically visible.
You cannot use GET command to fetch those resources.
 
Bunty Paul
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
But is there any way i can achieve this...

1) I have to restrict users from directly accessing images folder

2) I should be able to display this image through my JSP
 
Rahul Bhattacharjee
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Bunty Paul:
But is there any way i can achieve this...

1) I have to restrict users from directly accessing images folder

2) I should be able to display this image through my JSP



Your jsp's can access the resources under WEB-INF directly , but when you generate the img html tag using the jsp then its not fetching the image.The image fetching is done by the browser/ client when the jsp gets rendered.So the browser is trying to fetch the image ,which is stored within the WEB-INF.
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Instead of letting the web server (or servlet container) serve the images directly, you can create a servlet that streams the images to the client. So instead of "img src="xyz.jpg" you'd have a URL like "img src="ImageServlet?src=xyz.jpg". Then you can keep the images in the WEB-INF folder (or in any other directory that's not publicly accessible), because the servlet can read the images from there, but not the browser.
[ December 11, 2006: Message edited by: Ulf Dittmer ]
 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have an example app on my site that does just this.
http://simple.souther.us

Look for SimpleStream.
 
Bunty Paul
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks all, thats the way i wanted.
reply
    Bookmark Topic Watch Topic
  • New Topic