• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Rob Spoor
  • Devaka Cooray
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
  • Tim Holloway
Bartenders:
  • Jj Roberts
  • Al Hobbs
  • Piet Souris

Accessing a zip file through a JSP page.

 
Ranch Hand
Posts: 114
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have a zip file in my JSP application for clients to access (password-protected by tomcat).

I also have a JSP that will detect the last time user tries to access, how many times they have accessed, etc. before it redirects user to the zip file. But this is the ideal case.
There's no way to prevent user from accessing the zip file directly.

How do I make sure that the clients only will be able to access the zip file through the JSP page?

Thanks in advance for all the help.
 
Smith Li
Ranch Hand
Posts: 114
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
As an additional notes, I have Apache in front of Tomcat.
 
Sheriff
Posts: 67595
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
JSP is an astoundingly poor technology choice for this.

What I would do is to place the zip file somewhere in the WEB-INF folder hierarchy. This will protect it from direct access.

Then I'd write a servlet that will serve up that zip file, setting appropriate headers, when it has been determined that the request is properly authenticated.

JSP is not very good at serving non-text files.
[ February 28, 2007: Message edited by: Bear Bibeault ]
 
Smith Li
Ranch Hand
Posts: 114
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
> JSP is an astoundingly poor technology choice for this.
Why is this?
 
Bear Bibeault
Sheriff
Posts: 67595
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
JSP assumes that it is serving text. Trying to use it to serve anything else is fraught with pitfalls.

More in this article if interested.
 
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic