• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Serve files outside the context

 
Carlos Conti
Ranch Hand
Posts: 131
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

this post refers to a previous one, in which I asked how to list files from a path outside the context. In fact I can do that in my dev machine, but when jumping to the production one, the code doesn't produce any list at all. Those listed files are then made available for download. I guess a security setting might prevent the listing of the files. Does anyone know what is going about? If the security setting is there, it is for a good reason, so in the end I would like to implement that feature in a better fashion, but don't know which approach I sould take. In previous discussions I have been advised to build a custom servlet for that purpose, others say I should enable a context resource from which I would be able to list the files....

I am bit lost right now.

So the point is basically I need to be able to list a folder/file structure given a root path, which is outside my application context.

Any advice is appreciated.

Many thanks,

Carlos.
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18212
53
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Carlos Conti wrote:
So the point is basically I need to be able to list a folder/file structure given a root path, which is outside my application context.


"Application context" means the part of the URL that tells your application server (Tomcat or whatever), which application the URL will be routed to, since J2Ee supports more than one application per application server. J2EE application servers are not file servers, and the only reason that you can list directories or server raw file resources at all from J2EE is that the server has a default rule for each application that says that if the application doesn't have a URL handler for the indicated resource then the application server should send the URL to a default handler whose behavior is to look inside the application's WAR, see if the post-context part of the URL matches a resource path, and list/serve the indicated resource.

The most critical part of that last paragraph is "look inside the application's WAR". It would be a major security issue if the application server was allowed free access to non-WAR resources, so J2EE does not provide that capability. That's why you have to write a custom servlet that handles that function.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic