Hi All,
Servlet spec 2.2 states
I am using Apache and Tomcat to build
my website. The adapter is JServ.I have certain word documents which have
to be displayed on the browser on demand from the end user. I dont
want to end users to view these documents unless they have logged into
the system. What happens right now is that user can see the url of word
document when the jsp redirects him to word document on receiving the
request. He can then access the document from the webserver even if he
has not logged into the website. Is there anyway I can prevent this from
happening? Ideally I would like Apache to serve all the word documents
since they are static files. But I am also considering Tomcat to serve
this file.
Also I have another question on access control. Servel 2.2 spec states
the following
Access control for resources: The mechanism by which
interactions with resources are limited
to collections of users or programs for the purpose of
enforcing availability, integrity, or
confidentiality.
How can we limit interaction with resources to collections of
programs?
Any help on this would be greatly appreciated.
Thanks & Regards,
Pankaj
- tomcat start fails Valerie BARRAUD
- Apache+Tomcat connection problem Pankaj Chhaparwal
- Apache+Tomcat connection problem istvan bereti
- Re: Problem in access control of resources Hemant Singh
- Re: Problem in access control of resources Pankaj Chhaparwal
- Re: Problem in access control of resour... Hemant Singh
- Re: tomcat start fails Stephane Meier
- RE: tomcat start fails Randy Layman