This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Websphere and the fly likes How to disable a particular directory while accessing thro' ibm httpserver ? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Products » Websphere
Bookmark "How to disable a particular directory while accessing thro Watch "How to disable a particular directory while accessing thro New topic
Author

How to disable a particular directory while accessing thro' ibm httpserver ?

Siva Ram
Ranch Hand

Joined: Apr 04, 2002
Posts: 66
Hi,
How to disable a directory kept under \\websphere\appserver\installedApps\Apps.ear\webmod.war\directorytobeprotected.
If we are going thro' servlet / jsp , the particular files kept in the 'dirtobeprotected' should be accessible to the application. But if any body access the particular files directly without going through servlet the files in the particular folder should not be viewed. This we can achieve if the files kept are jsps . But the files kept in the above folder 'dirtobeprotected' are .rpt(Crystal report files) files.
How to protect those files? Can any one help me to solve this............


Thanks and Regards,<br />Siva Ram .NR
Axel Janssen
Ranch Hand

Joined: Jan 08, 2001
Posts: 2164
What about putting them into the WEB-INF - folder of your war-file?
This folder is only visible from inside the app.
Axel
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

I haven't tested it in Websphere, but the spec states that the server should not be allowed to serve resources from the WEB-INF directory, so the problem is partialy solved, but the server may not allow it to serve JSPs from the WEB-INF directory at all.
This is the way Tomcat does it. ie You can store config files in the WEB-INF directory and access them via ClassLoaders etc, but you cannot .forward or .include resources in that directory - therefore I believe it may not solve the problem.
Anyone prepared to give it a try in Websphere?
Dave
Siva Ram
Ranch Hand

Joined: Apr 04, 2002
Posts: 66
Hi,
For accessing reports, we have created the alias in the http server. This creates the problem. Whereever I am keeping the reports directory i.e "directorytobeprotected" in webmod.war or web-inf\classes , there will be no difference while accessing the files from http server. How can we disable this folder from outside parties if they do unauthorised access ? I am not able to provide security for *.rpt files since they are running in another crystal webserver ? Can anyone please help me to solve this......
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: How to disable a particular directory while accessing thro' ibm httpserver ?
 
Similar Threads
Open Source Application Server
How can I get my HelloWorld Servlet to Run?
Applet in web application (WAR)
Disabling and Enabling Up One level button and new folder button in JFileChooser on some condition
where is best place to put jsp folder in web app