Hi, we have some pdf's on our server- sensitive info. Right now u can enter url that
hits those pdf's directly and download them. That is not good ofcourse we need
security. Need to check if they are currently logged in, or atleast if they have our
cookies with a uid and pw on it. Ofcourse there is basic authentication, but we want
to avoid that for that ugly pop up login screen. So wondering from the webserver
level, if there is a way that you can protect directory, with the criteria for
accessing that directory being a session cookie. Is there a module you can configure,
u can tell it what cookie to look for (eg. sessionid), maybe even see of that
sessionid is currently valid. Any other possibilites to do it without basic auth and
those pop up logins. Thanks, Jake
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
