First, to qualify myself, I am relatively new to java. I am a RPG programmer by trade.
We have web application (purchased) that does it's own document distribution that. However in our environment, we are somewhat modifying it to adapt to our evironment, but let it handle the front end security. We distribute PDF versions of reports via the intranet. We place each companies documents in seperate folders then when we want them to see the reports. BTW, we are testing this, it is not in production. I have a servlet written, that will display the contents of the directory. We hard code the parameter into a link to the servlet. But now we are wondering how secure it really has to be. Right now, if the user figures out our directory structure, they can get to any report. This is not good. Anyone have ideas as to how to secure the directory listing so they cannot see other companies? Would encrypting the parameters work? Mike Wills AS400 Programmer [EMAIL PROTECTED] Comming soon to a web browser near you... koldark.net _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
