This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Tomcat and the fly likes restricting access Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "restricting access" Watch "restricting access" New topic

restricting access

Joseph Sweet
Ranch Hand

Joined: Jan 29, 2005
Posts: 327
I have an app that lets people register as members. When one opens an account, a new subdirectory in the app directory is being opened.

somthing like myapp/user_01, myapp/user_02, myapp/user_03....

My question is how do I prevent from user 01 accessing the files of user 02, by browsing to a place like: ../user_02/resume.doc

But I want to let him access files that are outside of the user directories, like login.jsp...

Thank you for your help

We must know, we will know. -- David Hilbert
Joseph Sweet
Ranch Hand

Joined: Jan 29, 2005
Posts: 327

nobody knows?
Ben Souther

Joined: Dec 11, 2004
Posts: 13410

A filter would do it.

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
I agree. Here's the link:
subject: restricting access
Similar Threads
Running JSP from outside tomcat\webapps\ROOT
Authentication using Sun Access Manager 7 and webmethods portal
Accessing resources outside of the Jar
Spring Security 3 - how to route all requests through authentication mechanism
Tomcat startup problems (MySQL driver)