File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Tomcat and the fly likes Tomcat: return request to apache? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat: return request to apache?" Watch "Tomcat: return request to apache?" New topic

Tomcat: return request to apache?

Josh Johnson

Joined: Apr 17, 2006
Posts: 4
I'm trying to use Tomcat to check if someone has the correct credentials to access certain files (txt,doc,xml,etc...) and if they do I want to send the request back to apache to serve up the file. Is this possible?

For Example: A user might request file /Files/20952/batch-20060619.xml . I want to make sure that this user is client 20952 (which is stored in session). If they are, then I want apache to serve up the file. I used to do this with mod_perl pretty easily, you just returned a DECLINED status (after validating the session) and apache would handle it. I figure that since Java is much more flexible that I could do something similar.

If Tomcat can serve up the file then that is fine too. I just don't want to muck about creating a ContentType based on the .extension and I don't want to break the "flow" of things for the client; If its a .txt file then I want it to display in the browser, if its a .doc file then I want the user's browser to decide what to do (display it or download it).

Any suggestions?

Many thanks!

[ June 20, 2006: Message edited by: Josh Johnson ]
Ben Souther

Joined: Dec 11, 2004
Posts: 13410

Request.sendRedirect will force the browser to make a new request for the given resource. Either Tomcat or Apache HTTPD will be able to serve up static files without any extra coding on your part.

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Josh Johnson

Joined: Apr 17, 2006
Posts: 4
Thanks for the response Ben. I can't really do that because the browser needs to be denied access to the file if they don't have a valid session. If I merely send a redirect to their browser then that means that they could have accessed the file without validation. Granted, they would have to guess the correct URL, but I can't have that.
I agree. Here's the link:
subject: Tomcat: return request to apache?
It's not a secret anymore!