aspose file tools*
The moose likes JSP and the fly likes Restrict Users Accessing Folders Under Root Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Restrict Users Accessing Folders Under Root" Watch "Restrict Users Accessing Folders Under Root" New topic
Author

Restrict Users Accessing Folders Under Root

Vijay Bharghav bheemineni
Greenhorn

Joined: Aug 31, 2005
Posts: 29
Hi ,

Recently I had developed website, which I would be hosting online on Tomcat Server soon. I don't want users to access my resources under Root Context for example "Images","CSS", "Java Script" extra.

I know all resources under "/WEB-INF" are restricted but I don't want to keep them over there.

I can implement filters and based on URL I can reject the request but I want to find if there is any better way of doing this?.

Please advice.

Thanks in advance.

Vijay Bheemineni.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61662
    
  67

Why? The browser needs access to these files and so your visitors can get them out of the cache even you somehow managed to restrict direct access.

Originally posted by Vijay Bharghav bheemineni:
I know all resources under "/WEB-INF" are restricted but I don't want to keep them over there.
You couldn't anyways. Doing so would prevent the browser from accessing them.

I can implement filters and based on URL I can reject the request
Again, no. The files must be accessible so the browser can access them as part of rendering the page.
[ July 05, 2008: Message edited by: Bear Bibeault ]

[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Vijay Bharghav bheemineni
Greenhorn

Joined: Aug 31, 2005
Posts: 29
Thanks Bear, so you mean to say there is no way stopping users from accessing the content which is under "Root" but not under "/WEB-INF".
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61662
    
  67

Originally posted by Vijay Bharghav bheemineni:
so you mean to say there is no way stopping users from accessing the content which is under "Root" but not under "/WEB-INF".
Of course there is. But my point was that if you do so, then they can't be used at all. So what's the point?
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
 
subject: Restrict Users Accessing Folders Under Root