• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

PDF Files and web server location

 
Ranch Hand
Posts: 185
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am working on a site that allows members to enter data and based on this data a pdf file is generated for them. This file is then stored into their personal directory and when they navigate to their home page a list of pdf files they have created are displayed as hyperlinks.

I do not want anyone just to be able to type in the url to access the pdf file. I want the files only accessible to the member who created it.

I thought about having a servlet that accepted a pdf flie ID and a member id. When a user clicks on a link to view on the pdf I can access the database and make sure that the memberID requesting the file is the same member that created it. The only problem is that I am not sure how to then return the pdf to the user.

Another option is to put them behind WEB-INF and I think this will suffice. However, what would the hyperlink url be so they can access it as I thought the user would not be able to directly access the files behind WEB-INF

Thank you
david
 
Ranch Hand
Posts: 205
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
There are several options you have for protecting data. One is to implement container managed security to protect certain directories...another is to protect certain directories with filters. Either way...once the user has logged in you can associate their username with the pdf file that they have submitted and then let them view it.

The pdf file could either be stored in a database or on the filesystem.

As far as WEB-INF - nothing behind WEB-INF is directly accessible. Typically you put JSP pages in a directory under the web-app context directory that you can display to the user and any servlets, handler classes, or beans that you use would sit behind the WEB-INF file in the classes directory.

Your question is quite broad so you might first want to figure out how you are going to have users login then figure out how they can access their PDF files.
 
Ranch Hand
Posts: 783
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

I thought about having a servlet that accepted a pdf flie ID and a member id. When a user clicks on a link to view on the pdf I can access the database and make sure that the memberID requesting the file is the same member that created it. The only problem is that I am not sure how to then return the pdf to the user.

You're on the right track. You are basically using a filter to verify the member first. Now you just need to send the appropriate pdf back.
By the way, those of you who have a copy of Head First Servlet & JSP will probably recognize this, as the original format came from that book. Wonderful book, by the way!
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic