aspose file tools*
The moose likes Tomcat and the fly likes prevent hotlinking images with standalone tomcat. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "prevent hotlinking images with standalone tomcat." Watch "prevent hotlinking images with standalone tomcat." New topic
Author

prevent hotlinking images with standalone tomcat.

Rob Deer
Greenhorn

Joined: Jan 10, 2005
Posts: 17
Hi, I'm running tomcat webserver standalone. Is there a way to stop hotlinking images? I know you can do this with apache but what about standalone tomcat? Thanks.

EW
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12769
    
    5
Is there a way to stop hotlinking images?


If by that you mean requiring all image requests to come from known legal users, sure. Just have the image link point to a servlet rather than a file and have the servlet check for a valid session before sending the image data.

Bill
Rob Deer
Greenhorn

Joined: Jan 10, 2005
Posts: 17
I'm trying to prevent people typing image.jpg in the url to go to the image directly.
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12769
    
    5
I'm trying to prevent people typing image.jpg in the url to go to the image directly.

Ok, thats what I was talking about, Tomcat will only serve images directly from the main web application directory. Put you images somewhere else and create a servlet to send them after checking for a valid user.
Bill
Rob Deer
Greenhorn

Joined: Jan 10, 2005
Posts: 17
can you give a little example on the servlet?
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

You could do this with a filter as well.
Put all your restricted images in a directory (member-img). Then create a filter that checks a user's login credentials (usually stored in session) and allows the request to pass if the user should be allowed to access that directory.
Map that filter to your member-img directory.


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: prevent hotlinking images with standalone tomcat.